home

Tractivity.Helper.BLE.exe

Tractivity Connect

Kineteks Corporation

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Tractivity.Helper.BLE’.
Publisher:
Kineteks Corporation  (signed and verified)

Product:
Tractivity Connect

Description:
Tractivity.Helper

Version:
1.0.5989.27612

MD5:
9beac481c5912b200f933dc3b9952b87

SHA-1:
79f12fba197de5a109612b94fc836d27865c3834

SHA-256:
6d232a02d5e7212d40c5f48755f2857c76d203c9808b243ef2661855c750a1f9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/25/2024 1:43:35 PM UTC  (today)

File size:
33.7 KB (34,472 bytes)

Product version:
1.0.5989.27612

Copyright:
Copyright © 2015

Original file name:
Tractivity.Helper.BLE.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\tractivity\connectbt\tractivity.helper.ble.exe

Digital Signature
Signed by:
Kineteks Corporation

Authority:
GlobalSign nv-sa

Valid from:
2/5/2015 1:58:46 PM

Valid to:
2/5/2017 1:58:46 PM

Subject:
CN=Kineteks Corporation, O=Kineteks Corporation, L=Vancouver, S=BC, C=CA

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121228E70CD2D543A9DD94A641FC484DBBD

File PE Metadata
Compilation timestamp:
5/25/2016 4:20:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:dMJvdPKqlHczZcYtK6GTTx2jXSYp8TsndOzmwJCES8enrHARvnLr3PLlYInIV/rl:dMJvdn8o6G7MOzzuHARv/aYQ/rl

Entry address:
0x83BE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.7254

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
25 KB (25,600 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Tractivity.Helper.BLE

Command:
C:\Program Files\tractivity\connectbt\tractivity.helper.ble.exe


Scan Tractivity.Helper.BLE.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.