home

via.exe

Kramer Electronics LTD.

Publisher:
Kramer Electronics LTD.  (signed and verified)

MD5:
f5a0c7f6293dcbbe956bbfdbba5cafee

SHA-1:
fbd91948bad2b5d4cbdfa6b4f3511631ab825df2

SHA-256:
7d818c2a0890404fe0635ff2b04eb7fe7d389b6382f09b191cd029a9b3fc7b5c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/28/2024 12:41:23 AM UTC  (today)

File size:
2.8 MB (2,976,008 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\via.exe

Digital Signature
Signed by:
Kramer Electronics LTD.

Authority:
VeriSign, Inc.

Valid from:
9/28/2014 3:00:00 AM

Valid to:
9/28/2016 2:59:59 AM

Subject:
CN=Kramer Electronics LTD., OU=Marketing Dept., O=Kramer Electronics LTD., L=Jerusalem, S=Israel, C=IL

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
370010A0EDB4337C0B64213E3C0B82E1

File PE Metadata
Compilation timestamp:
12/8/2015 3:35:18 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:+QcbY+m9b5Gx2pgtXspM8UdnMW/wcPhX+ue2KJO:+QcbY+m1FispM8UdnMW/wcPhX

Entry address:
0x10C724

Entry point:
E8, EA, 03, 00, 00, E9, 63, FD, FF, FF, 8B, FF, 55, 8B, EC, 81, EC, 28, 03, 00, 00, A3, 70, C5, 6A, 00, 89, 0D, 6C, C5, 6A, 00, 89, 15, 68, C5, 6A, 00, 89, 1D, 64, C5, 6A, 00, 89, 35, 60, C5, 6A, 00, 89, 3D, 5C, C5, 6A, 00, 66, 8C, 15, 88, C5, 6A, 00, 66, 8C, 0D, 7C, C5, 6A, 00, 66, 8C, 1D, 58, C5, 6A, 00, 66, 8C, 05, 54, C5, 6A, 00, 66, 8C, 25, 50, C5, 6A, 00, 66, 8C, 2D, 4C, C5, 6A, 00, 9C, 8F, 05, 80, C5, 6A, 00, 8B, 45, 00, A3, 74, C5, 6A, 00, 8B, 45, 04, A3, 78, C5, 6A, 00, 8D, 45, 08, A3, 84, C5, 6A...
 
[+]

Code size:
1.2 MB (1,245,184 bytes)

Scan via.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.