SystemInformation.exe

SystemInformation

The executable SystemInformation.exe has been detected as malware by 16 anti-virus scanners. It is set to execute automatically when any user logs into Windows, through the all-users Run registry key, under the value name ‘SystemInfo’.

Product: SystemInformation
Version: 1.0.0.0
MD5: 38a4dbd5bf3d26ea63eb182024c0e631
SHA-1: f179729709291b63e006f78f67943805b11d1849
SHA-256: 2f961882370acb171559af582cc6ec33f0248d197030279dc1112df32fe04f47
Scanner detections: 16 / 68
Status: Malware
Analysis date: 11/29/2024 4:39:52 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Trojan.GenericKD.3091011 | -41
Avira AntiVirus | TR/Agent.33792.352 | 8.3.3.2
Arcabit | Trojan.Generic.D2F2A43 | 1.0.0.662
Bitdefender | Trojan.GenericKD.3091011 | 1.0.20.375
Emsisoft Anti-Malware | Trojan.GenericKD.3091011 | 8.17.03.16.12
F-Secure | Trojan.GenericKD.3091011 | 11.2017-16-03_5
G Data | Trojan.GenericKD.3091011 | 17.3.25
IKARUS anti.virus | Trojan.Agent | t3scan.2.0.9.0
Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-1318
McAfee | Artemis!38A4DBD5BF3D | 5600.6093
MicroWorld eScan | Trojan.GenericKD.3091011 | 18.0.0.225
nProtect | Trojan.GenericKD.3091011 | 16.03.18.01
Panda Antivirus | Trj/GdSda.A | 17.03.16.12
Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1120
Rising Antivirus | PE:Malware.Generic/QRS!1.9E2D [F] | 23.00.65.17314
Trend Micro | TROJ_GEN.R00UC0OCG16 | 10.465.16

File size: 33 KB (33,792 bytes)
Product version: 1.0.0.0
Copyright: Copyright © 2014
Original file name: SystemInformation.exe
File type: Executable application (Win32 EXE)
Language: Language Neutral
Common path: C:\users\public\systeminformation.exe

File PE Metadata
Compilation timestamp: 5/13/2015 9:45:47 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 8.0
.NET CLR dependent: Yes
Entry address: 0x8E3E
Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy: 4.6228
Developed / compiled with: Microsoft Visual C# / Basic .NET
Code size: 28 KB (28,672 bytes)

Startup File (All Users Run)
Registry location: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Name: SystemInfo
Command: C:\users\public\systeminformation.exe

