home

zentimo.exe

Zentimo

Crystal Rich, Ltd

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Zentimo xStorage Manager’.
Publisher:
Crystal Rich Ltd  (signed by Crystal Rich, Ltd)

Product:
Zentimo

Description:
Zentimo - An External Drive Manager

Version:
1.5.1.1187

MD5:
250fe63acb72fa9bd02984a84bc172ea

SHA-1:
8fa14af31a2f9e47f47ee1d700b7ebeb369c3252

SHA-256:
91b5fe72d726219822588362a89b0fbcb089178ce9fc42d8db468b83090af762

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/16/2024 3:38:19 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
PUA.Packed.ASPack
0.98/18011

Rising Antivirus
Suspicious
23.00.65.161228

File size:
2 MB (2,079,064 bytes)

Product version:
1.5.1.1187

Copyright:
Copyright © 2011 by Crystal Rich Ltd

File type:
Executable application (Win32 EXE)

Language:
English (United Kingdom)

Common path:
C:\Program Files\zentimo\zentimo.exe

Digital Signature
Signed by:
Crystal Rich, Ltd

Authority:
VeriSign, Inc.

Valid from:
12/1/2010 4:00:00 PM

Valid to:
12/2/2011 3:59:59 PM

Subject:
CN="Crystal Rich, Ltd", OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Crystal Rich, Ltd", L=Saint Petersburg, S=Saint Petersburg, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
582E502BCA04FD9767BEE4917A3608A0

File PE Metadata
Compilation timestamp:
6/19/1992 3:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x1000

Entry point:
68, 01, 10, 80, 00, E8, 01, 00, 00, 00, C3, C3, 8B, 08, E9, AE, 76, CF, A1, 94, D0, 6A, 02, AF, FE, FD, EB, 8E, 7C, AD, 5F, E4, 3A, F3, DF, 94, 0C, 6C, F6, FE, D6, B6, 30, 96, 8A, 3F, 4B, FF, C1, 91, 14, B1, D1, 19, DB, B7, 28, B2, 9A, 2E, BD, A4, A4, A3, 46, 7A, 00, DF, B3, F5, 7F, D5, FE, 6D, 52, 65, 66, 34, 8E, 4E, D4, 66, B8, 05, B5, 16, CC, 59, D3, 0E, 8B, 3C, BB, 71, 8C, 3C, D1, 12, 87, 86, B2, 5C, AE, 9A, EE, D9, 8E, FC, 41, 95, 03, FE, 8B, 95, F6, 46, D3, AF, 21, 3B, 49, 90, 03, F7, 9E, D3, 32, D3...
 
[+]

Entropy:
7.4804

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
2.3 MB (2,385,920 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Zentimo xStorage Manager

Command:
C:\Program Files\zentimo\zentimo.exe \startup


Scan zentimo.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.