home

start_here.exe

Link Data Security A/S

It runs as a scheduled task under the Windows Task Scheduler.
Publisher:
Link Data Security A/S  (signed and verified)

MD5:
9cf771066eb00391871b356eca4e4724

SHA-1:
351faeed03923068e6e5a7c072d5596b45a49eba

SHA-256:
007b87fc4779822747d283d186bdda0705b8acac7a46c8d0b4c2afc94fc7d571

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/24/2024 9:33:09 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Win32/Heur
2017.0.2761

Rising Antivirus
Packer.Win32.UnkPacker.b [Suspicious]
23.00.65.16425

File size:
235.7 KB (241,328 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\oup\nef ipack elementary network\elementary\start_here.exe

Digital Signature
Signed by:
Link Data Security A/S

Authority:
Thawte Consulting (Pty) Ltd.

Valid from:
4/13/2007 5:21:03 AM

Valid to:
4/12/2008 5:21:03 AM

Subject:
CN=Link Data Security A/S, OU=Secure Application Development, O=Link Data Security A/S, L=Copenhagen, S=Copenhagen, C=DK

Issuer:
CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:
52788BE390DAA81DB65E81593E8F3E21

File PE Metadata
Compilation timestamp:
11/28/2007 12:19:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
6144:QjJp8Ek989Nj5GcxXRSNALWWOXlO4VCs4/cN9d2ogDecar2G:eXNkyLj5Gon78lOV5cN9d2ogDecaN

Entry address:
0x2983F

Entry point:
68, F1, 36, AD, B6, 87, 1C, 24, 60, E8, 00, 00, 00, 00, 5F, 8D, B7, EA, F7, FF, FF, 81, C7, 32, 00, 00, 00, 8B, 0E, 8A, D1, 83, C6, 04, C1, E9, 08, 74, 0B, 8A, 07, 32, C3, 2A, F8, AA, D3, D3, E2, F5, 80, FA, 00, 74, 07, 01, 1F, 83, C7, 04, EB, DD, 61, 5B, 99, 8D, 0F, 9C, F0, 70, FB, F7, 95, 91, 5F, 9E, 7C, 9E, 00, F4, CE, F0, 29, 80, D4, 82, 3A, FF, 76, E0, 11, 30, 79, FD, 8C, 68, 78, E1, DA, A9, 67, 53, 1B, F2, 29, 93, 46, 3F, EE, BF, 56, B2, 3C, 7B, 96, 25, 93, 28, 37, 1A, 71, 60, D8, 7B, 15, 23, 5E, 3C...
 
[+]

Code size:
163 KB (166,912 bytes)

Scheduled Task
Task name:
{02E37650-2F87-4C99-B7F1-BC60D70FFEA6}

Trigger:
Registration (Runs on registration)


Scan start_here.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.