home

systemexplorer.exe

System Explorer

Miroslav Topolar

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘SystemExplorerAutoStart’.
Publisher:
Mister Group  (signed by Miroslav Topolar)

Product:
System Explorer

Version:
2.8.2.3603

MD5:
493ad9ffa3b4d4ca98c5d8c33dd14662

SHA-1:
86cc999d46e792489f7742ff377deefb472d358d

SHA-256:
be0b42469358c49a3f9e864ebd0fb7415282f8abcb3a271ecdceab42dbec86aa

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/25/2024 1:19:52 AM UTC  (today)

File size:
2.5 MB (2,596,680 bytes)

Product version:
2.8

Copyright:
(c) Mister Group

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\compressed\system-explorer-portable\systemexplorer.exe

Digital Signature
Signed by:
Miroslav Topolar

Authority:
GlobalSign nv-sa

Valid from:
3/24/2011 3:45:27 AM

Valid to:
3/24/2012 3:45:23 AM

Subject:
CN=Miroslav Topolar, O=Miroslav Topolar, L=Vyskov, S=Czech Republic, C=CZ

Issuer:
CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:
0100000000012EE7BC6FEF

File PE Metadata
Compilation timestamp:
6/2/2011 1:50:56 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:a6So/zx12q0THW0srrovxricYHmoORgVI7s7:a6FEHCrrCYHoGVI47

Entry address:
0x1C3AE4

Entry point:
55, 8B, EC, 83, C4, F0, B8, 78, 08, 5C, 00, E8, 04, 41, E4, FF, 33, C0, 55, 68, 1C, 3B, 5C, 00, 64, FF, 30, 64, 89, 20, E8, 71, 33, FC, FF, 6A, 00, E8, 4E, 33, EC, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, 23, 3B, 5C, 00, C3, E9, 4B, 12, E4, FF, EB, F8, E8, 04, 18, E4, FF, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
6.8056

Developed / compiled with:
Microsoft Visual C++

Code size:
1.8 MB (1,842,688 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SystemExplorerAutoStart

Command:
"C:\users\{user}\downloads\compressed\system-explorer-portable\systemexplorer.exe" \tray


Scan systemexplorer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.