POSManager.exe

POS Security Service Manager

SoftForum Co. LTD.

It runs as a windows Service named “POS Keyboard Security Service”.
Publisher:
SoftForum Co. LTD.  (signed and verified)

Product:
POS Security Service Manager

Version:
1, 0, 1, 9

MD5:
0eef96327ba97c9051246bd92987a19e

SHA-1:
5a8188c3e688f05d1fd0a62827f008e91ae9cdfd

SHA-256:
9465bfb77a932e9f70580f49a81844421a11d0078271fd613546733c58341815

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
12/28/2024 6:06:16 PM UTC  (today)

Scan engine
Detection
Engine version

IKARUS anti.virus
Trojan-Dropper.Win32.Dapato
t3scan.2.0.9.0

File size:
270 KB (276,432 bytes)

Product version:
1, 0, 1, 9

Copyright:
Copyright (C) 2010

Original file name:
POSManager.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\windows\syswow64\posmanager.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
4/22/2010 9:00:00 AM

Valid to:
6/22/2011 8:59:59 AM

Subject:
CN=SoftForum Co. LTD., OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SoftForum Co. LTD., L=Gangnam-gu, S=Seoul, C=KR

Issuer:
CN=VeriSign Class 3 Code Signing 2009-2 CA, OU=Terms of use at https://www.verisign.com/rpa (c)09, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1977E171DA634F0F85BDAA1CDE281CE3

File PE Metadata
Compilation timestamp:
5/18/2011 3:38:57 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:C+WsSYwuD0a/7Xj/2R55QFIVG4JPCKFpki:vSShjfFIM4x0i

Entry address:
0x16C56

Entry point:
E8, 20, 98, 00, 00, E9, 16, FE, FF, FF, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84, C0, 74, 4E, F7, C1, 03, 00, 00, 00, 75, EF, 05, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8D, A4, 24, 00, 00, 00, 00, 8B, 01, BA, FF, FE, FE, 7E, 03, D0, 83, F0, FF, 33, C2, 83, C1, 04, A9, 00, 01, 01, 81, 74, E8, 8B, 41, FC, 84, C0, 74, 32, 84, E4, 74, 24, A9, 00, 00, FF, 00, 74, 13, A9, 00, 00, 00, FF, 74, 02, EB, CD, 8D, 41, FF, 8B, 4C, 24, 04, 2B, C1, C3, 8D, 41, FE, 8B, 4C, 24, 04, 2B, C1...
 
[+]

Entropy:
6.1512

Code size:
156 KB (159,744 bytes)

Service
Display name:
POS Keyboard Security Service

Service name:
POS Security

Type:
Win32OwnProcess, InteractiveProcess


Scan POSManager.exe - Powered by Reason Core Security