SystHeal.exe

Complete solution

GA TECHNOCARE TECHNOLOGY PRIVATE LIMITED

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SystHeal’.
Publisher:

Product:
Complete solution

Version:
1.0.0.0

MD5:
a5aabc32b1f0a4070a4e314e7bd97994

SHA-1:
8f95b28bfb1378909aa239fe4d1b4873eb41d5ec

SHA-256:
1602d21e5ac195dc05a2fef3f1b7605400a3edd9c15c9abcd06e662b726e110e

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 12:05:05 PM UTC

File size:
3.2 MB (3,346,816 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
SystHeal.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\g.a. technocare technology pvt. ltd\systheal optimizer pro\systheal.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
2/10/2014 12:00:00 AM

Valid to:
2/10/2015 11:59:59 PM

Subject:
CN=GA TECHNOCARE TECHNOLOGY PRIVATE LIMITED, OU=Digital Marketing, O=GA TECHNOCARE TECHNOLOGY PRIVATE LIMITED, L=BHAGALPUR, S=Bihar, C=IN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
59D2BBECDF57EFC6E547385F35376FB4

File PE Metadata
Compilation timestamp:
6/3/2014 2:41:08 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:b0PJC6vmg/78WUxy2JtZvS8KDrq3qjXInaSDKKKK9q:bWC5+78WUw9NXjIY

Entry address:
0x32F5AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 04, 00, 03, 00, 00, 00, 30, 00, 00, 80, 0E, 00, 00, 00, 48, 00, 00, 80, 10, 00, 00, 00, 60, 00, 00, 80, 18, 00, 00, 00, 78, 00...
 
Entropy:
7.9445

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
3.2 MB (3,331,584 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SystHeal

Command:
C:\Program Files\g.a. technocare technology pvt. ltd\systheal optimizer pro\systheal.exe

