» ShipWorks.exe
Overview
Analysis
File Details
Behaviors (1)

ShipWorks.exe

ShipWorks

Interapptive, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ShipWorksScheduler$9079F2C5CF284825AD66B5FB9794B770’.

File name:

ShipWorks.exe

Publisher:

Interapptive®, Inc. (signed by Interapptive, Inc.)

Product:

ShipWorks

Description:

ShipWorks®

Version:

3.7.3.5312

MD5:

fdf6205cde43ae836f3153086111a239

SHA-1:

29cbe3d0e38aac10080c35d512656bb882232047

SHA-256:

689e6391cd7be7dc9002285b85e9c7df46ff4cdbe1eba0d76444c2124c7f6b75

Scanner detections:

0 / 68

Status:

Clean (as of last analysis)

Analysis date:

11/25/2024 4:54:15 PM UTC (today)

File size:

20.6 MB (21,648,856 bytes)

Product version:

3.7.3.5312

Trademarks:

ShipWorks® and Interapptive® are registered trademarks of Interapptive®, Inc.

Original file name:

ShipWorks.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\shipworks\shipworks.exe

Digital Signature

Signed by:

Interapptive, Inc.

Authority:

COMODO CA Limited

Valid from:

1/22/2013 1:00:00 AM

Valid to:

1/23/2016 12:59:59 AM

Subject:

CN="Interapptive, Inc.", O="Interapptive, Inc.", STREET=One Memorial Drive, STREET=Suite 2000, L=St. Louis, S=MO, PostalCode=63102, C=US

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

00D4701B73F6E1CCBAA4444CE1D2FE7E69

File PE Metadata

Compilation timestamp:

2/19/2014 5:44:51 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

196608:FSUeLVrBeTVTlQqwjJl+3wJlyowGVcmxb9jVWQOqyjlJl:9v1GVXxxBrOq

Entry address:

0x1426CAA

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

6.6922

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

20.1 MB (21,122,560 bytes)

Startup File (All Users Run)

Registry location:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

ShipWorksScheduler$9079F2C5CF284825AD66B5FB9794B770

Command:

C:\Program Files\shipworks\shipworks.exe \s=scheduler

Scan ShipWorks.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.