home

ShipWorks.exe

ShipWorks

Interapptive, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ShipWorksScheduler$5E206C69C7AA468F92917B3142AE92DA’.
Publisher:
Interapptive®, Inc.  (signed by Interapptive, Inc.)

Product:
ShipWorks

Description:
ShipWorks®

Version:
4.7.1.8840

MD5:
20af16f95fdf06ab36520664cad10a3d

SHA-1:
8ff74c13cab08187fd97b6a8f6aede109eb49558

SHA-256:
31e36ba4b7684f1d50c49931350d17869a0e977bb4ef2197c3a2aab8686f7aec

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 4:48:54 PM UTC  (today)

File size:
523.7 KB (536,296 bytes)

Product version:
4.7.1.8840

Copyright:
Copyright © Interapptive®, Inc. 2003-2013

Trademarks:
ShipWorks® and Interapptive® are registered trademarks of Interapptive®, Inc.

Original file name:
ShipWorks.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\shipworks\shipworks.exe

Digital Signature
Signed by:
Interapptive, Inc.

Authority:
COMODO CA Limited

Valid from:
10/14/2015 7:00:00 PM

Valid to:
1/22/2016 5:59:59 PM

Subject:
CN="Interapptive, Inc.", O="Interapptive, Inc.", STREET=One Memorial Drive, STREET=Suite 2000, L=St. Louis, S=MO, PostalCode=63102, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00A36510F38B56DEF53F5047C43BDD1F07

File PE Metadata
Compilation timestamp:
1/22/2016 5:21:30 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
48.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:0sb434+FcgsnN8UA9hm+DgGS3sIToR1LjVoko6BqLR9D813Nu3Tig42L:Bb4vUNe1V1LjVro6Id9D8dNXAL

Entry address:
0x3F9A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, 00, 00, 0C, 00, 00, 00, 9C, 3F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.9971

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8 KB (8,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ShipWorksScheduler$5E206C69C7AA468F92917B3142AE92DA

Command:
C:\Program Files\shipworks\shipworks.exe \s=scheduler


Scan ShipWorks.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.