home

StartScreen.exe

StartIsBack

Stanislav Zinukhov

Publisher:
www.startisback.com  (signed by Stanislav Zinukhov)

Product:
StartIsBack

Description:
StartIsBack Helper Tool

Version:
4.0.0

MD5:
ace8b587e37d074bfe5d31190946b0e4

SHA-1:
b525223c54b3851d1e29bed4f06a5b5b91e6eac8

SHA-256:
dbfdf2790dc4953c381d1d7195d887a3faf5616ea8d81e8d2f92271602cb35d9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/23/2024 10:58:13 PM UTC  (today)

File size:
67.5 KB (69,104 bytes)

Product version:
4.0.0

Copyright:
Copyright (C) 2013+, Tihiy

Original file name:
StartScreen.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\startscreen.exe

Digital Signature
Signed by:
Stanislav Zinukhov

Authority:
StartCom Ltd.

Valid from:
2/5/2016 7:15:14 AM

Valid to:
2/5/2018 7:15:14 AM

Subject:
CN=Stanislav Zinukhov, O=Stanislav Zinukhov, L=Moscow, S=Moscow City, C=RU

Issuer:
CN=StartCom Class 2 Object CA, OU=StartCom Certification Authority, O=StartCom Ltd., C=IL

Serial number:
5271F4614E0F58C89FEE1FA7211D7308

File PE Metadata
Compilation timestamp:
7/19/2015 4:21:22 AM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
768:H0EmD/LN9h2nNP5dGRbIf0S7/Y7FqUmkozA0Pht3iE:H0EmF9h2NPZf0CY7FRmpTPfn

Entry address:
0x1D1F

Entry point:
55, 8B, EC, 51, 56, 57, FF, 15, 04, 40, 40, 00, 8D, 55, FC, 8B, C8, E8, D3, F7, FF, FF, 83, 7D, FC, 02, 8B, F8, 7D, 0A, E8, 52, FA, FF, FF, E9, AF, 00, 00, 00, 8B, 35, 24, 40, 40, 00, 68, B4, 12, 40, 00, FF, 77, 04, FF, D6, 85, C0, 75, 0A, E8, 5E, F9, FF, FF, E9, 91, 00, 00, 00, 68, CC, 12, 40, 00, FF, 77, 04, FF, D6, 85, C0, 75, 07, E8, C5, F9, FF, FF, EB, 7C, 68, DC, 12, 40, 00, FF, 77, 04, FF, D6, 85, C0, 75, 1C, 68, DC, 12, 40, 00, FF, 15, 04, 40, 40, 00, 50, FF, 15, 28, 30, 40, 00, 8D, 48, 20, E8, 9E...
 
[+]

Entropy:
5.9472

Developed / compiled with:
Microsoft Visual C++

Code size:
6 KB (6,144 bytes)

The file StartScreen.exe has been discovered within the following program.

StartIsBack+  by startisback.com
About 7% of users remove it
 
Powered by Should I Remove It?

Scan StartScreen.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.