exedbantimalware.exe

Exedb Anti Malware

www.exedb.com

The executable exedbantimalware.exe has been detected as malware by 8 anti-virus scanners. This file is typically installed with the program Exedb Anti Malware Scanner by File Info. While running, it connects to the Internet address ip-208-109-101-35.ip.secureserver.net on port 80 using the HTTP protocol.
Publisher: www.exedb.com

Product: Exedb Anti Malware

Version: 4.00.0367

MD5: fffff633fc2ded2e935ca7f4c39add13

SHA-1: a8e4d5edb49ac9eb95c7a64eeac8f5f7020ea94c

SHA-256: 54d25319960b18af271814bdd53d6dce0a31adc0e180058be8bb47192340bee6

Scanner detections: 8 / 68

Status: Malware

Analysis date: 5/4/2024 6:20:03 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Barys.1156 | 1020 |
| avast! | Win32:Malware-gen | 2014.9-140421 |
| Bitdefender | Gen:Variant.Barys.1156 | 1.0.20.555 |
| Emsisoft Anti-Malware | Gen:Variant.Barys.1156 | 8.14.04.21.02 |
| F-Secure | Gen:Variant.Barys.1156 | 11.2014-21-04_2 |
| G Data | Gen:Variant.Barys.1156 | 14.4.24 |
| MicroWorld eScan | Gen:Variant.Barys.1156 | 15.0.0.333 |
| Qihoo 360 Security | Win32/Trojan.bd2 | 1.0.0.1015 |

File size: 2.3 MB (2,453,504 bytes)

Product version: 4.00.0367

Copyright: www.exedb.com

Trademarks: www.exedb.com

Original file name: exedbantimalware.exe

File type: Executable application (Win32 EXE)

Language: English (United States)

Common path: C:\Program Files\exedb\exedb anti malware scanner\exedbantimalware.exe

File PE Metadata
Compilation timestamp: 4/8/2014 12:02:15 PM

OS version: 4.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 6.0

CTPH (ssdeep): 24576:s3XTPlVbXjiyOkewktG00v+VJWGjmPkZP:UjPHjiyOFVWGjmPkd

Entry address: 0x1380

Entry point:
68, 40, 46, 40, 00, E8, F0, FF, FF, FF, 00, 00, 48, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, C3, 48, 6C, D7, 09, A7, A3, 41, A1, F5, 1C, 20, 0A, 29, 53, 3D, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 42, 00, 86, 50, 82, 01, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, F4, 4C, 83, 05, 00, 00, 00, 00, D0, B1, 88, 02, C0, 00, 00, 00, 90, 00, 00, 00, 00, 00, 00, 00, 02, 00, 00, 00, 2A, 00, 00, 00, 57, 63, 5C, 8E, F2, C7, 4F, 4C, 9F, 97, 19, 03, BE, 96, 50, 5D, 01, 00, 00, 00, A0, 00, 00, 00...
 

Entropy: 3.8518

Developed / compiled with: Microsoft Visual Basic v5.0

Code size: 2.3 MB (2,445,312 bytes)

The file exedbantimalware.exe has been discovered within the following program.

55% remove it
 

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP): Connects to ip-208-109-101-35.ip.secureserver.net (208.109.101.35:80)
