YodaShieldTotalProtection.exe

Tech Matrix InfoSolutions Inc

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘YodaShield Total ProtectionMain’.
Publisher:
YodaShield Total Protection  (signed by Tech Matrix InfoSolutions Inc)

Product:
YodaShield Total Protection

Version:
1.5.3.0

MD5:
6c946e4ecb700ccd86baa21bb2fe87a8

SHA-1:
43dba0055f3aeb4cfe4a7b48f8264dee0dac6cb2

SHA-256:
3909280d962f82bbbf353de803c34e939b372b12aedba2ac20837ca550300b1a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/25/2024 3:00:22 PM UTC  (today)

File size:
6.4 MB (6,668,824 bytes)

Product version:
1.5.3.0

Copyright:
Copyright © 2015

Original file name:
YodaShieldTotalProtection.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\yodashield total protection\yodashieldtotalprotection.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
2/4/2015 4:00:00 PM

Valid to:
2/5/2016 3:59:59 PM

Subject:
CN=Tech Matrix InfoSolutions Inc, O=Tech Matrix InfoSolutions Inc, L=New York, S=New York, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
1034DD6F2531FB9573054F7708C1DB45

File PE Metadata
Compilation timestamp:
2/5/2015 11:13:54 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:ereunezlBcu/bVyEcDkkkkkkkckkkkkkkkkMkkkkkkkkkkkkkkkk2PwX+UCqRVEq:BI+BqRV02SfM0NZdgGCidZI

Entry address:
0x64368E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.8441

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
6.3 MB (6,559,744 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
YodaShield Total ProtectionMain

Command:
"C:\Program Files\yodashield total protection\yodashieldtotalprotection.exe" fromscheduler


Scan YodaShieldTotalProtection.exe - Powered by Reason Core Security