home

sttray.exe

IDT PC Audio

IDT, Inc.

The executable sttray.exe has been detected as malware by 2 anti-virus scanners. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SysTrayApp’.
Publisher:
IDT, Inc.

Product:
IDT PC Audio

Version:
1.0.6433.0

MD5:
3f1430d841b0de15728053c080204919

SHA-1:
5d5c599f71e713869e63e9e496fdcfee64938acc

SHA-256:
5f307883adc3076e1e6d15c5800ae49b67492d8d198b4f5f5334a772627f5b1f

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
4/26/2024 10:04:06 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
Win32/Floxif.H virus
6.3.12010.0

F-Secure
Win32.Floxif.A
5.16.24

File size:
1.7 MB (1,745,443 bytes)

Product version:
1.0.6433.0

Copyright:
Copyright © 2004 - 2009 IDT, Inc.

Trademarks:
IDT PC Audio

Original file name:
sttray.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\idt\wdm\sttray.exe

File PE Metadata
Compilation timestamp:
10/25/2012 9:11:46 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x17057

Entry point:
E9, 00, ED, FF, FF, 68, F0, BF, 41, 00, 68, E0, 74, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 2C, A6, 41, 00, 59, 83, 0D, F8, 4C, 42, 00, FF, 83, 0D, FC, 4C, 42, 00, FF, FF, 15, 28, A6, 41, 00, 8B, 0D, DC, 4C, 42, 00, 89, 08, FF, 15, 24, A6, 41, 00, 8B, 0D, D8, 4C, 42, 00, 89, 08, A1, 20, A6, 41, 00, 8B, 00, A3, F4, 4C, 42, 00, E8, 05, 04, 00, 00, 39, 1D, C8, 28, 42, 00, 75, 0C, 68, CA, 74, 41, 00, FF, 15...
 
[+]

Entropy:
5.3094

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
100 KB (102,400 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SysTrayApp

Command:
C:\Program Files\idt\wdm\sttray.exe


Remove sttray.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.