sait.exe

SAIT-ERP Software Administrativo

Microsistemas San Luis SA de CV

This is a setup program which is used to install the application. The file has been seen being downloaded from www.sait.com.mx.
Publisher:
Microsistemas San Luis SA de CV

Product:
SAIT-ERP Software Administrativo

Version:
2015.0.0

MD5:
9c270c6e70d17eeefca190d0e1bd8276

SHA-1:
d17d0de794e1f620bd7bdfb390ff9d6ebbd77145

SHA-256:
6be8d97476fe791eeb6610b9ef3dba04076f11d3dc8e24c2f0733589622e5639

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
11/15/2024 3:00:01 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
HW32.Packed
1.3.0.6379

Trend Micro House Call
Suspicious_GEN.F47V0418
7.2.211

File size:
2.4 MB (2,520,752 bytes)

Product version:
2015.0.0

Copyright:
2000-2013 por SAIT Software

Trademarks:
SAIT es una marca registrada por Microsistemas San Luis SA de CV

Original file name:
sait.exe

File type:
Executable application (Win32 EXE)

Language:
Spanish (Mexico)

Common path:
C:\users\{user}\downloads\sait.exe

File PE Metadata
Compilation timestamp:
5/7/1999 7:04:20 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
49152:lStr7DJSxOxen+jnJE/Uo41hQ2IBunVaNe1knUHXG:lSh7DoxF3R41hQ2ncCknUXG

Entry address:
0x4013

Entry point:
E8, CF, 00, 00, 00, C3, 68, EB, 01, E9, 8B, 85, DC, 00, 00, 00, 50, 8B, 85, E4, 00, 00, 00, 8B, 30, FF, D6, 89, 85, D8, 00, 00, 00, EB, 01, E9, EB, 01, E9, 8D, 85, F0, 00, 00, 00, 50, EB, 01, E9, 8B, 85, D8, 00, 00, 00, 50, EB, 01, E9, 8B, 85, E0, 00, 00, 00, 8B, 30, EB, 01, E9, FF, D6, 89, 85, D4, 00, 00, 00, EB, 01, E9, 8D, 85, D0, 00, 00, 00, 50, 6A, 04, 68, 00, 10, 00, 00, 68, 00, 00, 40, 00, 8B, B5, D4, 00, 00, 00, FF, D6, EB, 01, E9, B9, 00, 00, 40, 00, 8B, 41, 3C, 03, C8, 83, C1, 18, 8B, 41, 38, 89...
 
[+]

Entropy:
7.9993  (probably packed)

Code size:
58.5 KB (59,904 bytes)

The file sait.exe has been seen being distributed by the following URL.

Scan sait.exe - Powered by Reason Core Security