home

IMDCSC.exe

Remote Service Application

Microsoft Corp.

The executable IMDCSC.exe has been detected as malware by 42 anti-virus scanners.
Publisher:
Microsoft Corp.

Product:
Remote Service Application

Version:
1, 0, 0, 1

MD5:
59d02958317d42466eb50153a73e7846

SHA-1:
8b63805bab6665f61afbe08776f4df07e6fb1fbd

SHA-256:
2f462723e971ac5766b6b2ba46f3bd9e9ed6135e21cb52b7277c084c699ea1ae

Scanner detections:
42 / 68

Status:
Malware

Analysis date:
4/26/2024 1:50:40 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Inject.AUZ
6373653

Agnitum Outpost
Trojan.Comet.Gen.LO
7.1.1

AhnLab V3 Security
Trojan/Win32.DelfInject
2015.03.27

Avira AntiVirus
BDS/DarkKomet.GR
3.6.1.96

avast!
Win32:Delf-SQI [Trj]
150319-1

AVG
BackDoor.Generic16
2016.0.3158

Bitdefender
Trojan.Inject.AUZ
1.0.20.430

Bkav FE
W32.OnGamesLTKVPOK.Trojan
1.3.0.4959

Clam AntiVirus
WIN.Trojan.DarkKomet
0.98/21511

Comodo Security
Backdoor.Win32.Agent.XAB
21554

Dr.Web
BackDoor.Comet.2020
9.0.1.05190

Emsisoft Anti-Malware
Trojan.Inject.AUZ
9.0.0.4799

ESET NOD32
Win32/Fynloski.AA trojan
7.0.302.0

Fortinet FortiGate
W32/DarkKomet.ID!tr.bdr
3/27/2015

F-Prot
W32/Downloader.C.gen
v6.4.6.5.141

F-Secure
Trojan.Inject.AUZ
5.13.68

G Data
Trojan.Inject.AUZ
15.3.25

herdProtect (fuzzy)
variant of how to hack facebook.exe
2015.7.2.0

IKARUS anti.virus
Backdoor.Win32.DarkKomet
t3scan.1.8.6.0

K7 AntiVirus
Backdoor
13.176.11451

Kaspersky
Backdoor.Win32.DarkKomet
15.0.0.543

Malwarebytes
Backdoor.Agent.DCRSAGen
v2015.03.27.06

McAfee
Generic BackDoor.xa
5600.6814

Microsoft Security Essentials
Threat.Undefined
1.195.475.0

MicroWorld eScan
Backdoor.Fynloski.C
16.0.0.258

NANO AntiVirus
Trojan.Win32.DarkKomet.cssoim
0.28.0.58394

Norman
Backdoor.Fynloski.C
03.12.2014 13:20:04

nProtect
Trojan/W32.Agent.673280.BU
14.03.15.01

Panda Antivirus
Trj/Packed.B
15.03.27.06

Qihoo 360 Security
Malware.QVM05.Gen
1.0.0.1015

Quick Heal
Backdoor.Fynloski.A9
3.15.12.00

Reason Heuristics
Threat.Win.Reputation.IMP
15.4.1.11

Rising Antivirus
PE:Backdoor.Pontoeb!1.6637
23.00.65.15325

Sophos
Troj/Backdr-ID
4.98

SUPERAntiSpyware
Trojan.Agent/Gen-Fynloski
9972

Total Defense
Win32/Fynloski.A!generic
37.0.11516

Trend Micro House Call
BKDR_FYNLOS.SMM
7.2.86

Trend Micro
BKDR_FYNLOS.SMM
10.465.27

Vba32 AntiVirus
Backdoor.DarkKomet
3.12.26.3

VIPRE Antivirus
Threat.4371328
38552

ViRobot
Backdoor.Win32.Agent.674304.A[h]
2014.3.20.0

Zillya! Antivirus
Trojan.Fynloski.Win32.3190
2.0.0.2118

File size:
658.5 KB (674,304 bytes)

Product version:
4, 0, 0, 0

Copyright:
Copyright (C) 1999

Original file name:
MSRSAAP.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
6/7/2012 6:59:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:y9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hP:eZ1xuVVjfFoynPaVBUR8f+kN10EBx

Entry address:
0x8F888

Entry point:
55, 8B, EC, B9, 30, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, E0, E3, 48, 00, E8, 2F, 7E, F7, FF, 33, C0, 55, 68, 56, 06, 49, 00, 64, FF, 30, 64, 89, 20, 6A, 00, E8, 2A, 07, F8, FF, A1, B0, 48, 49, 00, C6, 00, 01, E8, 21, B7, FF, FF, B2, 01, A1, 80, DE, 48, 00, E8, 19, E6, FF, FF, A3, E8, C3, 49, 00, 33, D2, 55, 68, 09, FA, 48, 00, 64, FF, 32, 64, 89, 22, 8D, 4D, EC, BA, 70, 06, 49, 00, A1, E8, C3, 49, 00, E8, 68, E6, FF, FF, 8B, 55, EC, A1, 38, 4B, 49, 00, E8, 7F, 5C, F7, FF, 8D, 55, E0...
 
[+]

Developed / compiled with:
Microsoft Visual C++

Code size:
573 KB (586,752 bytes)

Remove IMDCSC.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.