sakhteman.exe

Hesabdari Sakhteman Mandegar

Mandegar System

It runs as a scheduled task under the Windows Task Scheduler.
Scan sakhteman.exe - Powered by Reason Core Security
Publisher:
Mandegar System

Product:
Hesabdari Sakhteman Mandegar

Version:
1.00

MD5:
b1c4ec3a380ba86a796d3113aa25be79

SHA-1:
342e3a0d6ad0a67b3d862698c55b8a25d3ff880c

SHA-256:
316a943cb7d4c28bfd86af30a1e40d3cde4e4583e756b00c9606644edee8cad8

Scanner detections:
2 / 68

Status:
Clean (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous); the file is probably malware-free.

Analysis date:
12/9/2016 2:33:50 PM UTC

Scan engine        Detection           Engine version
Agnitum Outpost    Packed/PECompact    7.1.1
Bkav FE            HW32.CDB            1.3.0.4959

File size:
1.1 MB (1,121,280 bytes)

Product version:
1.00

Original file name:
sakhteman.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
10/31/2013 1:31:29 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:VOBrMFtHVSOn0Ln53NVEGaxg2KEG6/Z/lpLgmFa6drwlOTj/3UYm:VGAFtHVgL5pa6RAZ91/drGOTbDm

Entry address:
0x10140

Entry point:
B8, E0, 30, D4, 00, 50, 64, FF, 35, 00, 00, 00, 00, 64, 89, 25, 00, 00, 00, 00, 33, C0, 89, 08, 50, 45, 43, 6F, 6D, 70, 61, 63, 74, 32, 00, 11, D2, 70, E9, 7C, BD, 9E, 7A, 5C, 3D, A5, 12, 5D, B9, C7, 66, 5D, E3, 3F, A5, 61, A1, 93, 41, 63, 26, 2A, 33, 9E, 6B, 31, A8, A2, 66, AB, 5A, 1F, E7, 6C, 4A, DF, 20, 32, B8, B8, 91, 43, 0D, E1, 97, 08, F9, 87, 5E, FD, AF, A1, 18, 4C, F8, A3, C7, 05, 80, 6B, A4, A4, 6A, F1, F8, C2, 3B, 23, 1D, 97, 8B, BC, 8B, 09, 98, 48, 56, 0B, 0E, 1F, BF, FC, D9, 8A, CC, 4A, E9, 4A...

Entropy:
7.9959

Packer / compiler:
PECompact v2

Code size:
9 MB (9,412,608 bytes)

Scheduled Task
Task name:
{1407A18C-6B34-48B6-A0C4-3B1981BA9E05}

Trigger:
Registration (Runs on registration)
