home

systemtray64.exe

SysTray Shortcut

Ahsay Systems Corporation Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘OBASystemTray’.
Publisher:
Ahsay Systems Corporation Ltd.  (signed and verified)

Product:
SysTray Shortcut

Version:
5, 0, 0, 0

MD5:
f096038b766e68bd8dd9a8381eff9375

SHA-1:
8cf959e3dd529bca4f14f3e98136b5071ff3bc32

SHA-256:
9e537e6e8485c05db0f8d56f443fb168c624a1187b75047f13ebd9a9600db7eb

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 2:38:04 PM UTC  (today)

File size:
508.4 KB (520,648 bytes)

Product version:
5, 0, 0, 0

Copyright:
Copyright (C) 2006

Original file name:
SysTray.EXE

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\clurk backup solo\bin\systemtray64.exe

Digital Signature
Signed by:
Ahsay Systems Corporation Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/9/2010 1:00:00 AM

Valid to:
2/12/2014 12:59:59 AM

Subject:
CN=Ahsay Systems Corporation Ltd., OU=Product Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Ahsay Systems Corporation Ltd., L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
360D8A8DDFCA3EA9A2EDD39C727E1DF4

File PE Metadata
Compilation timestamp:
10/23/2013 9:16:08 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

Entry address:
0x37680

Entry point:
48, 83, EC, 28, E8, 17, 0D, 01, 00, 48, 83, C4, 28, E9, FE, FC, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 60, 48, 8B, 05, A3, 70, 02, 00, 48, 8B, DA, 48, 8D, 54, 24, 20, 48, 89, 02, 48, 8B, 05, 99, 70, 02, 00, 48, 89, 42, 08, 48, 8B, 05, 96, 70, 02, 00, 48, 89, 42, 10, 48, 8B, 05, 93, 70, 02, 00, 48, 89, 42, 18, 48, 8B, 05, 90, 70, 02, 00, 48, 89, 42, 20, 48, 8B, 05, 8D, 70, 02, 00, 48, 89, 42, 28, 48, 8B, 05, 8A, 70, 02, 00, 48, 89, 42, 30, 48, 8B, 05, 87, 70, 02...
 
[+]

Code size:
332.5 KB (340,480 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
OBASystemTray

Command:
"C:\Program Files\clurk backup solo\bin\systemtray64.exe"


Scan systemtray64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.