EvernoteTray.exe
- File Path:
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
- Description: Evernote Tray Application
Hashes
| Type |
Hash |
| MD5 |
567924AC5E95CC76AA94BBC217717741 |
| SHA1 |
080E54F59F95641B83E2118A814B3D2A1306739E |
| SHA256 |
6602EA5CCB4C52938EF00B2BF7BF1628FA1A0C44782C631306848DD56AC18AFD |
| SHA384 |
D74251B8F0596A190AAD8396DEA8AB0715264727289D8FC5BE763CB828E22893299FA591F99FECE703998BF8458BA50C |
| SHA512 |
C630F8A91297088CFC57E0F27381EBA13D9C86371F87655B18C85D04DABFFBD6C1223B00E2B09BA31DAE0D53DA7DB6066FA56760EF4CB4D1904471FBEB607E7C |
| SSDEEP |
12288:GOeEyq0pBburB244Rg2WpZq6s97nqLwtsF:GOpBB2ZoNGr4wSF |
| IMP |
FCD2BAC437AC5C36276BC91F77B305EB |
| PESHA1 |
2A9A130423304CD846F1F47B5CA4D4F45BACBD4B |
| PE256 |
07F6D0B250EDEA38CFAE684772D3E6962D36757213AC41035FE859E0AFF4931A |
Runtime Data
Child Processes:
Evernote.exe
Open Handles:
| Path |
Type |
| (R-D) C:\Windows\System32\en-US\propsys.dll.mui |
File |
| (RW-) C:\Windows |
File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.488_none_11b1e5df2ffd8627 |
File |
| (RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94 |
File |
| (RW-) C:\xCyclopedia |
File |
| \BaseNamedObjects__ComCatalogCache__ |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000003.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000002.db |
Section |
| \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2 |
Section |
| \BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 |
Section |
| \BaseNamedObjects\NLS_CodePage_437_3_2_0_0 |
Section |
| \BaseNamedObjects\windows_shell_global_counters |
Section |
| \Sessions\1\BaseNamedObjects\ENInstancesSM |
Section |
| \Sessions\1\BaseNamedObjects\UrlZonesSM_user |
Section |
| \Sessions\1\BaseNamedObjects\windows_shell_global_counters |
Section |
Loaded Modules:
| Path |
| C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe |
| C:\Windows\SYSTEM32\ntdll.dll |
| C:\Windows\System32\wow64.dll |
| C:\Windows\System32\wow64cpu.dll |
| C:\Windows\System32\wow64win.dll |
Signature
- Status: Signature verified.
- Serial:
0F6C6C76C237FDBD4775DF1EEC48E4E7
- Thumbprint:
AC51E96E30DB8C8AB1657078805399F405626259
- Issuer: CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US
- Subject: CN=Evernote Corporation, O=Evernote Corporation, L=Redwood City, S=CA, C=US
- Original Filename: EvernoteTray.exe
- Product Name: Evernote
- Company Name: Evernote Corp., 305 Walnut Street, Redwood City, CA 94063
- File Version: 6,25,1,9091
- Product Version: 6,25,1,9091
- Language: English (United States)
- Legal Copyright: Copyright 2020 Evernote Corporation.
All rights reserved.
- Machine Type: 32-bit
File Scan
- VirusTotal Detections: 0/68
- VirusTotal Link: https://www.virustotal.com/gui/file/6602ea5ccb4c52938ef00b2bf7bf1628fa1a0c44782c631306848dd56ac18afd/detection/
MIT License. Copyright (c) 2020-2021 Strontic.