home

versioncontrol.exe

Gabriel Odinaka

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Navigator’.
Publisher:
Navigator  (signed by Gabriel Odinaka)

Product:
Navigator

Description:
NavigatorVersion

Version:
1.0.0.1

MD5:
4176e0a874ae18f7a39f9e0b6ee50f9c

SHA-1:
428256f865a2701ca839dcca024b43c331d22b12

SHA-256:
d9561cfe5c22c5d972b1a5eaba0a5acd2d5cfae0d098f556b6ea9259510d75e0

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/28/2024 7:00:27 PM UTC  (today)

File size:
3.1 MB (3,219,456 bytes)

Product version:
1.0.0.1

Copyright:
(c) Navigator. All rights reserved.

Original file name:
NavigatorVersion.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\navigator\versioncontrol.exe

Digital Signature
Signed by:
Gabriel Odinaka

Authority:
DigiCert Inc

Valid from:
12/22/2015 7:00:00 PM

Valid to:
1/4/2017 7:00:00 AM

Subject:
CN=Gabriel Odinaka, O=Gabriel Odinaka, L=Huntsville, S=AL, C=US

Issuer:
CN=DigiCert SHA2 Assured ID Code Signing CA, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0E443B3257E3016BE65B34ECCF52598C

File PE Metadata
Compilation timestamp:
1/9/2016 4:45:04 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:vtL4XxLv9oQA6tZYajMxymQ8ZN33lDyI5jf7vQ7pSlLLe6:veXxbcBL3Q8d7vmpO

Entry address:
0x20F590

Entry point:
8B, FF, 55, 8B, EC, E8, 76, 72, 01, 00, E8, 11, 00, 00, 00, 5D, C3, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 8B, FF, 55, 8B, EC, 6A, FE, 68, E0, 61, 6C, 00, 68, 60, 10, 61, 00, 64, A1, 00, 00, 00, 00, 50, 83, C4, 98, 53, 56, 57, A1, F4, FE, 6C, 00, 31, 45, F8, 33, C5, 50, 8D, 45, F0, 64, A3, 00, 00, 00, 00, 89, 65, E8, C7, 45, 90, 00, 00, 00, 00, 8D, 45, A0, 50, FF, 15, 10, 24, 66, 00, 83, 3D, 2C, 85, 6D, 00, 00, 75, 0E, 6A, 00, 6A, 00, 6A, 01, 6A, 00, FF, 15, 0C, 24, 66, 00, E8, 8E, 01...
 
[+]

Entropy:
6.1991

Code size:
2.4 MB (2,493,952 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Navigator

Command:
C:\Program Files\navigator\versioncontrol.exe


Scan versioncontrol.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.