home

via.exe

Kramer Electronics LTD.

Publisher:
Kramer Electronics LTD.  (signed and verified)

MD5:
8eb2feafbb8c7cbe2cb833d1ef04507f

SHA-1:
112e14df2ca4474f25d45b9c010c78a80d936c29

SHA-256:
0342fc8e1472d2c3d7f79417bb81369098d0bd51cea9445d39e0fef41136b5aa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 12:33:28 AM UTC  (today)

File size:
2.8 MB (2,976,008 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\via.exe

Digital Signature
Signed by:
Kramer Electronics LTD.

Authority:
VeriSign, Inc.

Valid from:
9/28/2014 8:00:00 AM

Valid to:
9/28/2016 7:59:59 AM

Subject:
CN=Kramer Electronics LTD., OU=Marketing Dept., O=Kramer Electronics LTD., L=Jerusalem, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
370010A0EDB4337C0B64213E3C0B82E1

File PE Metadata
Compilation timestamp:
1/14/2016 2:15:01 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:ZG/CwE36eaBIGx2pgtXspM8/e2vByOriG7Ot2pW7NFWMP:ZG/Cwa6eaB+ispM8/e2vByOriG7Owp

Entry address:
0x10C7E4

Entry point:
E8, EA, 03, 00, 00, E9, 63, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 70, C5, 6A, 00, 89, 0D, 6C, C5, 6A, 00, 89, 15, 68, C5, 6A, 00, 89, 1D, 64, C5, 6A, 00, 89, 35, 60, C5, 6A, 00, 89, 3D, 5C, C5, 6A, 00, 66, 8C, 15, 88, C5, 6A, 00, 66, 8C, 0D, 7C, C5, 6A, 00, 66, 8C, 1D, 58, C5, 6A, 00, 66, 8C, 05, 54, C5, 6A, 00, 66, 8C, 25, 50, C5, 6A, 00, 66, 8C, 2D, 4C, C5, 6A, 00, 9C, 8F, 05, 80, C5, 6A, 00, 8B, 45, 00, A3, 74, C5, 6A, 00, 8B, 45, 04, A3, 78, C5, 6A, 00, 8D, 45, 08, A3, 84, C5, 6A...
 
[+]

Entropy:
7.2015

Code size:
1.2 MB (1,245,184 bytes)

Scan via.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.