SystHeal.exe

Complete solution

GA TECHNOCARE TECHNOLOGY PRIVATE LIMITED

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘SystHeal’.
Publisher:

Product:
Complete solution

Version:
1.0.0.0

MD5:
004318fdd53c5c514439d05281d59380

SHA-1:
218639013938a1a379a871e49de7ca45786ae29d

SHA-256:
7f92d6988db97201060c325f9c5f4f9188ef0920f2ab63c1cb47efb75599f8d4

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 7:23:37 PM UTC

File size:
3.1 MB (3,202,432 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2013

Original file name:
SystHeal.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Program Files\g.a. technocare technology pvt. ltd\systheal optimizer pro\systheal.exe

Digital Signature
Authority:
Thawte, Inc.

Valid from:
2/9/2014 7:00:00 PM

Valid to:
2/10/2015 6:59:59 PM

Subject:
CN=GA TECHNOCARE TECHNOLOGY PRIVATE LIMITED, OU=Digital Marketing, O=GA TECHNOCARE TECHNOLOGY PRIVATE LIMITED, L=BHAGALPUR, S=Bihar, C=IN

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
59D2BBECDF57EFC6E547385F35376FB4

File PE Metadata
Compilation timestamp:
5/19/2014 4:33:35 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
98304:f0PJC6vmg/78WUxy2JtZvS8KDrq3gQLaXKKKKgB:fWC5+78WUw9NQ

Entry address:
0x30C17E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.9445

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
3 MB (3,187,200 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
SystHeal

Command:
C:\Program Files\g.a. technocare technology pvt. ltd\systheal optimizer pro\systheal.exe

