hndserver.exe

The executable hndserver.exe has been detected as malware by 12 anti-virus scanners.
MD5:
d61fa4bf86a7028d5a4c19c837dc562f

SHA-1:
066560a132b1272994ee00bb49cd26a8e8249579

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
4/26/2024 3:52:38 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| avast! | Win32:Mabezat [Wrm] | 160209-2 |
| AVG | Win32/Mabezat | 2015.0.4522 |
| Dr.Web | Win32.HLLW.Tazebama | 9.0.1.05190 |
| Emsisoft Anti-Malware | Win32.Worm.Mabezat | 10.0.0.5366 |
| ESET NOD32 | Win32/Mabezat.A virus | 7.0.302.0 |
| F-Prot | W32/Mabezat.A-1 | 4.6.5.141 |
| Kaspersky | Worm.Win32.Mabezat | 15.0.0.562 |
| McAfee | Virus.W32/Mabezat.a | 18.0.204.0 |
| Microsoft Security Essentials | Threat.Undefined | 1.213.6222.0 |
| Norman | Win32.Worm.Mabezat.G | 03.02.2016 07:38:05 |
| Sophos | Virus 'W32/Mabezat-B' | 5.23 |
| VIPRE Antivirus | Threat.303962 | 47028 |

File size:
3.7 MB (3,905,903 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\zyzoom - handycafe\crack\hndserver.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
49152:vDdDN0zy0xdxqYsJQHTHVlbIBvLRovjNcDa/h3bQL8L8D8a:vDNN0zhxfFsJulvj+obQL8L8DF

Entry address:
0x1CB4A0

Entry point:
BB, 98, AD, 5C, 00, FF, E3, 00, 89, 45, E4, 89, 45, E0, 89, 45, EC, 89, 45, E8, B8, 30, AC, 5C, 00, E8, DE, B8, E3, FF, 33, C0, 55, 68, 6C, B7, 5C, 00, 64, FF, 30, 64, 89, 20, 68, 78, B7, 5C, 00, 6A, 00, 68, 01, 00, 1F, 00, E8, BF, BE, E3, FF, A3, 68, 4A, 5D, 00, 83, 3D, 68, 4A, 5D, 00, 00, 0F, 85, 62, 02, 00, 00, 68, 78, B7, 5C, 00, 6A, 00, 6A, 00, E8, DF, BB, E3, FF, A3, 68, 4A, 5D, 00, 33, D2, 55, 68, 4A, B7, 5C, 00, 64, FF, 32, 64, 89, 22, E8, 37, F2, FF, FF, 84, C0, 0F, 84, CA, 01, 00, 00, B8, 90, B7...
 

Entropy:
6.2621
