home

backupadminx64.exe

Backup for Workgroups

Lockstep Systems, Inc.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Backup for Workgroups’.
Publisher:
Lockstep Systems, Inc  (signed by Lockstep Systems, Inc.)

Product:
Backup for Workgroups

Version:
6.0.0.110422

MD5:
a66b4a6851fe009e3508e197270d380b

SHA-1:
2f1325c1f5c57cfd6e9829239a2baecba91c35b8

SHA-256:
760970a45fe0fd5d2beaa1e5c0c8c1fee99f5ac8a32e661b4c230177a44c4e3a

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/24/2024 10:02:01 PM UTC  (today)

File size:
1.7 MB (1,741,136 bytes)

Product version:
6.0.0.110422

Copyright:
Copyright © 2002-2011

Trademarks:
Backup for Workgroups is the trademark of Lockstep Systems, Inc.

Original file name:
BackupAdmin.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\lockstep\backupforworkgroups\backupadminx64.exe

Digital Signature
Signed by:
Lockstep Systems, Inc.

Authority:
The USERTRUST Network

Valid from:
6/3/2010 5:00:00 PM

Valid to:
6/3/2012 4:59:59 PM

Subject:
CN="Lockstep Systems, Inc.", O="Lockstep Systems, Inc.", STREET=6835 E. Meadowlark Lane, L=Paradise Valley, S=AZ, PostalCode=85253, C=US

Issuer:
CN=UTN-USERFirst-Object, OU=http://www.usertrust.com, O=The USERTRUST Network, L=Salt Lake City, S=UT, C=US

Serial number:
06B434ABB2C6C26DD08F254B9A920430

File PE Metadata
Compilation timestamp:
4/22/2011 3:23:02 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:2TqG9Jpo18QZsBYcImcA1d5DAQuNuvfbg374nZ0ykE7MF:2T3JwZsBYcImcA1dZuNe0374nZ0ykEy

Entry address:
0x809E0

Entry point:
48, 83, EC, 28, E8, 67, 5A, 00, 00, 48, 83, C4, 28, E9, 0E, FD, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 20, 41, 8B, 00, 48, 8B, DA, 4C, 8B, C9, 44, 8B, D8, 4C, 8B, D1, 41, 83, E3, F8, A8, 04, 74, 13, 41, 8B, 40, 08, 4D, 63, 50, 04, F7, D8, 4C, 03, D1, 48, 63, C8, 4C, 23, D1, 49, 63, C3, 4A, 8B, 14, 10, 48, 8B, 43, 10, 8B, 48, 08, 48, 03, 4B, 08, 0F, B6, 41, 03, A8, 0F, 74, 0B, 0F, B6, C0, 83, E0, F0, 48, 98, 4C, 03, C8, 4C, 33, CA, 49, 8B, C9, 48, 83, C4, 20, 5B...
 
[+]

Entropy:
6.2662

Code size:
554.5 KB (567,808 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Backup for Workgroups

Command:
"C:\Program Files\lockstep\backupforworkgroups\backupadminx64.exe" -iconmode


Scan backupadminx64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.