home

ShipWorks.exe

ShipWorks

Interapptive, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘ShipWorksScheduler$66ADA1E2C7FC4839A61DD1DFB727F33E’.
Publisher:
Interapptive®, Inc.  (signed by Interapptive, Inc.)

Product:
ShipWorks

Description:
ShipWorks®

Version:
4.7.2.8872

MD5:
1eeebe52faef24ad99b600d93a522ebc

SHA-1:
a361007707c41763e03c8ce6b2fe0bc749844e6c

SHA-256:
bf2966914ba85f90a67032392404d5104c74af536b53fe44f39cde03290cef29

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 5:01:02 PM UTC  (today)

File size:
522.4 KB (534,904 bytes)

Product version:
4.7.2.8872

Copyright:
Copyright © Interapptive®, Inc. 2003-2013

Trademarks:
ShipWorks® and Interapptive® are registered trademarks of Interapptive®, Inc.

Original file name:
ShipWorks.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\shipworks\shipworks.exe

Digital Signature
Signed by:
Interapptive, Inc.

Authority:
COMODO CA Limited

Valid from:
1/24/2016 7:00:00 PM

Valid to:
1/24/2018 6:59:59 PM

Subject:
CN="Interapptive, Inc.", O="Interapptive, Inc.", STREET=1 S MEMORIAL DR STE 720, STREET=Suite 2000, L=St. Louis, S=MO, PostalCode=63102, C=US

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
1E4315B67378794FFC8773BCE9546165

File PE Metadata
Compilation timestamp:
2/8/2016 9:09:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
48.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:Web434+FcgsnN8UA9hm+DgGS3sIToR1LjVoko6BqLR9D813Nu3Ti60J:Rb4vUNe1V1LjVro6Id9D8dNX3

Entry address:
0x3F9A

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 30, 00, 00, 0C, 00, 00, 00, 9C, 3F, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.9851

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8 KB (8,192 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
ShipWorksScheduler$66ADA1E2C7FC4839A61DD1DFB727F33E

Command:
C:\Program Files\shipworks\shipworks.exe \s=scheduler


Scan ShipWorks.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.