home

systemtray64.exe

SysTray Shortcut

Ahsay Systems Corporation Ltd.

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘OBSystemTray’.
Publisher:
Ahsay Systems Corporation Ltd.  (signed and verified)

Product:
SysTray Shortcut

Version:
5, 0, 0, 0

MD5:
699f7f2c3d59b684905509a92e2c7621

SHA-1:
bf47dc50310291c30d7e5018049f09b0f70265ad

SHA-256:
461fe0fe43df81d46a5fec742d07bf23e6d8ea74f3580d13c9d8a2b3459ae6a1

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 11:54:19 PM UTC  (a few moments ago)

File size:
508.5 KB (520,664 bytes)

Product version:
5, 0, 0, 0

Copyright:
Copyright (C) 2006

Original file name:
SysTray.EXE

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\ahsayobm\bin\systemtray64.exe

Digital Signature
Signed by:
Ahsay Systems Corporation Ltd.

Authority:
VeriSign, Inc.

Valid from:
12/9/2010 1:00:00 AM

Valid to:
2/12/2014 12:59:59 AM

Subject:
CN=Ahsay Systems Corporation Ltd., OU=Product Development, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Ahsay Systems Corporation Ltd., L=Hong Kong, S=Hong Kong, C=HK

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
360D8A8DDFCA3EA9A2EDD39C727E1DF4

File PE Metadata
Compilation timestamp:
5/6/2013 8:47:19 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
6144:4fSxg54vIi12jFydQ0uV4mTKyJibq4AJ9mlWBOlR/WgZORAy6jgDp6:Bxg54vIrydd64CjGJ/WgDjC6

Entry address:
0x37680

Entry point:
48, 83, EC, 28, E8, 17, 0D, 01, 00, 48, 83, C4, 28, E9, FE, FC, FF, FF, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 40, 53, 48, 83, EC, 60, 48, 8B, 05, A3, 70, 02, 00, 48, 8B, DA, 48, 8D, 54, 24, 20, 48, 89, 02, 48, 8B, 05, 99, 70, 02, 00, 48, 89, 42, 08, 48, 8B, 05, 96, 70, 02, 00, 48, 89, 42, 10, 48, 8B, 05, 93, 70, 02, 00, 48, 89, 42, 18, 48, 8B, 05, 90, 70, 02, 00, 48, 89, 42, 20, 48, 8B, 05, 8D, 70, 02, 00, 48, 89, 42, 28, 48, 8B, 05, 8A, 70, 02, 00, 48, 89, 42, 30, 48, 8B, 05, 87, 70, 02...
 
[+]

Code size:
332.5 KB (340,480 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
OBSystemTray

Command:
"C:\Program Files\ahsayobm\bin\systemtray64.exe"


Scan systemtray64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.