home

PC_Health_Check_BackEnd.exe

PC Health Check

Sutherland Global Services, Inc.

Publisher:
Sutherland Global Services, Inc.  (signed and verified)

Product:
PC Health Check

Version:
1.09.0203

MD5:
20ff7d003e5b388629727f6250b1d4dc

SHA-1:
64b1304955585a08d8538ab5291e07eaa6b8e195

SHA-256:
a7b10c0d34e1f6a30cd0f6c954b0c14ab9c9297f26410e389ed32f1c31310e15

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/24/2024 8:10:54 AM UTC  (today)

Scan engine
Detection
Engine version

Dr.Web
BACKDOOR.Trojan
9.0.1.0207

File size:
1.6 MB (1,722,232 bytes)

Product version:
1.09.0203

Original file name:
PC_Health_Check_BackEnd.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\pc_health_check_backend.exe

Digital Signature
Signed by:
Sutherland Global Services, Inc.

Authority:
VeriSign, Inc.

Valid from:
7/14/2011 7:00:00 PM

Valid to:
7/16/2012 6:59:59 PM

Subject:
CN="Sutherland Global Services, Inc.", OU=GSI, OU=Digital ID Class 3 - Microsoft Software Validation v2, O="Sutherland Global Services, Inc.", L=Rochester, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
71BD5EE90423A21C34BE1C90D95BBF46

File PE Metadata
Compilation timestamp:
10/5/2011 6:47:45 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:Ab9r67yPXiZw7/zDfOf78QpwTWyKrBXZnVZb3v2EsP7s:69riyPiZwPDmfQQpwTWyKr7b2EEg

Entry address:
0x11CA8

Entry point:
68, 28, 4C, 41, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 98, 0D, 44, 73, 1D, A0, A2, 46, 91, E9, 8A, 66, 3C, AB, 40, 43, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 46, 2D, 39, 31, 46, 36, 50, 43, 48, 43, 5F, 55, 49, 5F, 42, 61, 63, 6B, 65, 6E, 64, 00, 00, 00, 00, 00, FF, CC, 31, 00, 1C, 10, F0, D0, 02, DD, D7, 98, 44, A1, 26, 74, E7, 32, 77, C5, BA, A0, F5, 3D, 75, FD, 78, 15, 4C, 84, 6B, FD, 13, C5, 4E, 7C, 7C, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
5.7079

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
1.6 MB (1,699,840 bytes)

Scan PC_Health_Check_BackEnd.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.