xdeskshow2.exe

鱼鱼桌面秀2

Personal Email

It is set to start automatically when a user logs into Windows, via the current user Run registry key, under the display name ‘XDeskShow2’.

Publisher:
鱼鱼软件  (signed by Personal Email)

Product:
鱼鱼桌面秀2

Description:
鱼鱼桌面秀2 beta1.8

Version:
2.0.5.608

MD5:
ca1be45bc1747d027d6ace43b9fa984a

SHA-1:
5958e8610a65038350c28797f1f9ceb4388179c9

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/6/2024 2:16:39 AM UTC  (today)

File size:
3.3 MB (3,426,488 bytes)

Product version:
2

Copyright:
2007

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\xpstyle_themepackage\sidebar\xdeskshow2.exe

Digital Signature
Signed by:

Authority:
Unizeto Technologies S.A.

Valid from:
10/23/2009 6:51:45 AM

Valid to:
10/24/2010 6:51:45 AM

Subject:
E=admin@holersoft.com, CN=holersoft.com, OU=Unizeto (r) Personal Certificates, O=Personal Email, C=CN

Issuer:
CN=Certum Level III CA, OU=Certum Certification Authority, O=Unizeto Technologies S.A., C=PL

Serial number:
06CC70

File PE Metadata
Compilation timestamp:
6/20/1992 6:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:2hITmZ/sN9pbjRVP/1LOWeTApTzaxBXTi5rO:2691AJuaTSO

Entry address:
0x277C78

Entry point:
55, 8B, EC, B9, 1C, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, C8, 71, 67, 00, E8, DC, F9, D8, FF, 33, C0, 55, 68, F4, 85, 67, 00, 64, FF, 30, 64, 89, 20, A1, 5C, 62, 68, 00, 8B, 00, E8, 02, B8, E2, FF, A1, 5C, 62, 68, 00, 8B, 00, C7, 40, 78, 64, 00, 00, 00, A1, 5C, 62, 68, 00, 8B, 00, C7, 40, 74, 88, 13, 00, 00, A1, 50, 66, 68, 00, C6, 00, 2E, 8D, 55, E8, A1, 5C, 62, 68, 00, 8B, 00, E8, 77, BE, E2, FF, 8B, 45, E8, 8D, 55, EC, E8, 70, 37, D9, FF, 8B, 55, EC, A1, D4, 5D, 68, 00, E8, 3F, D1, D8...
 

Entropy:
6.7456

Developed / compiled with:
Microsoft Visual C++

Code size:
2.5 MB (2,587,136 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
XDeskShow2

Command:
C:\Windows\System32\xpstyle_themepackage\sidebar\xdeskshow2.exe

