PC_Health_Check.exe

PC Health Check

Sutherland Global Services, Inc.

The executable PC_Health_Check.exe has been detected as malware by 4 anti-virus scanners.
Publisher:
Sutherland Global Services, Inc.  (signed and verified)

Product:
PC Health Check

Version:
1.09.0002

MD5:
3a3841ba1b6980ab71be3a7850ba5389

SHA-1:
5a476e3e6363a7a713215a174e64458d040fe364

SHA-256:
e7b64e04ef2f294126aa93d947d9c80b17c18902d7677b18d612f4156145b40d

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
11/25/2024 2:51:58 AM UTC

Scan engine       Detection                 Engine version
Comodo Security   UnclassifiedMalware       8313
Dr.Web            BACKDOOR.Trojan           9.0.1.046
ESET NOD32        Win32/Genetik (variant)   11.6035
Sophos            Mal/VB-F                  4.64

File size:
3 MB (3,107,448 bytes)

Product version:
1.09.0002

Original file name:
PC_Health_Check.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pc_health_check.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
7/16/2010 8:00:00 PM

Valid to:
7/17/2011 7:59:59 PM

Subject:
CN="Sutherland Global Services, Inc.", OU=GSI, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sutherland Global Services, Inc.", L=Rochester, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
2E74A7AEFDAE01D74A58E3F10265B01D

File PE Metadata
Compilation timestamp:
3/1/2011 8:06:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x830C

Entry point:
68, 80, BD, 60, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 52, C0, 0D, 4C, 79, 2E, 72, 49, A3, BD, 97, 90, 30, DF, 6B, BE, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 43, 48, 43, 5F, 55, 49, 00, 00, 00, 00, 00, FF, CC, 31, 00, F9, 57, AC, 52, C3, CD, 17, DD, 42, BE, 88, CD, 3D, 82, 2F, F0, ED, 49, 43, BB, F2, C0, E6, F4, 4B, 8D, 28, CA, FA, 33, BB, BB, 58, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 
Entropy:
6.9908

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
2.9 MB (3,084,288 bytes)
