injector3.6.exe

Remote Service Application

Microsoft Corp.

The executable injector3.6.exe has been detected as malware by 40 anti-virus scanners.

Publisher:
Microsoft Corp.

Product:
Remote Service Application

Version:
1, 0, 0, 1

MD5:
cebd53ff64a77fbea062ac77d6b04b2a

SHA-1:
cd54c7d8cba5b74215c97d5c79ce09f4b3346352

SHA-256:
2429d3c6fa19a12216843342612dc38db2926f9ef6dd1e1ab3443142d595d830

Scanner detections:
40 / 68

Status:
Malware

Analysis date:
4/20/2024 5:08:30 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Inject.AUZ | 6561816 |
| Agnitum Outpost | Trojan.Comet.Gen.LO | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.DelfInject | 2015.02.28 |
| Avira AntiVirus | BDS/DarkKomet.GR | 7.11.212.228 |
| avast! | Win32:Delf-SQI [Trj] | 150101-1 |
| AVG | BackDoor.Generic16 | 2016.0.3185 |
| Bitdefender | Trojan.Inject.AUZ | 1.0.20.290 |
| Bkav FE | W32.OnGamesLTKVPOK.Trojan | 1.3.0.6379 |
| Clam AntiVirus | WIN.Trojan.DarkKomet | 0.98/20120 |
| Comodo Security | Backdoor.Win32.Agent.XAB | 21233 |
| Dr.Web | BackDoor.Comet.2020 | 9.0.1.058 |
| Emsisoft Anti-Malware | Trojan.Inject.AUZ | 9.0.0.4799 |
| ESET NOD32 | Win32/Fynloski.AA trojan | 7.0.302.0 |
| Fortinet FortiGate | W32/DarkKomet.ID!tr.bdr | 2/27/2015 |
| F-Prot | W32/Downloader.C.gen | v6.4.7.1.166 |
| F-Secure | Trojan.Inject.AUZ | 5.13.68 |
| G Data | Trojan.Inject.AUZ | 15.2.25 |
| IKARUS anti.virus | Backdoor.Win32.DarkKomet | t3scan.1.8.6.0 |
| K7 AntiVirus | Backdoor | 13.1915113 |
| Kaspersky | Backdoor.Win32.DarkKomet | 15.0.0.543 |
| Malwarebytes | Backdoor.Agent.DCRSAGen | v2015.02.27.08 |
| McAfee | Trojan.Generic BackDoor.xa | 16.8.708.2 |
| Microsoft Security Essentials | Threat.Undefined | 1.193.1194.0 |
| MicroWorld eScan | Trojan.Inject.AUZ | 16.0.0.174 |
| NANO AntiVirus | Trojan.Win32.DarkKomet.cssoim | 0.30.0.296 |
| Norman | Backdoor.Fynloski.C | 03.12.2014 13:20:04 |
| nProtect | Trojan/W32.Agent.774144.HJ | 15.02.27.01 |
| Panda Antivirus | Trj/Packed.B | 15.02.27.08 |
| Quick Heal | Backdoor.Fynloski.A9 | 2.15.14.00 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.2.27.20 |
| Rising Antivirus | PE:Backdoor.Pontoeb!1.6637 | 23.00.65.15225 |
| Sophos | Virus 'Troj/Backdr-ID' | 5.11 |
| SUPERAntiSpyware | Backdoor.Fynloski | 10027 |
| Total Defense | Win32/Fynloski.A!generic | 37.0.11467 |
| Trend Micro House Call | BKDR_FYNLOS.SMM | 7.2.58 |
| Trend Micro | BKDR_FYNLOS.SMM | 10.465.27 |
| Vba32 AntiVirus | Backdoor.DarkKomet | 3.12.26.3 |
| VIPRE Antivirus | Threat.4733922 | 37788 |
| ViRobot | Backdoor.Win32.Agent.674304.A[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Fynloski.Win32.3190 | 2.0.0.2084 |

File size:
756 KB (774,144 bytes)

Product version:
4, 0, 0, 0

Copyright:
Copyright (C) 1999

Original file name:
MSRSAAP.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata

Compilation timestamp:
6/7/2012 9:59:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:L9HFJ9rJxRX1uVVjoaWSoynxdO1FVBaOiRZTERfIhNkNCCLo9Ek5C/hdnkk:FZ1xuVVjfFoynPaVBUR8f+kN10EBHkk

Entry address:
0x8F888

Entry point:
55, 8B, EC, B9, 30, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 51, 53, 56, 57, B8, E0, E3, 48, 00, E8, 2F, 7E, F7, FF, 33, C0, 55, 68, 56, 06, 49, 00, 64, FF, 30, 64, 89, 20, 6A, 00, E8, 2A, 07, F8, FF, A1, B0, 48, 49, 00, C6, 00, 01, E8, 21, B7, FF, FF, B2, 01, A1, 80, DE, 48, 00, E8, 19, E6, FF, FF, A3, E8, C3, 49, 00, 33, D2, 55, 68, 09, FA, 48, 00, 64, FF, 32, 64, 89, 22, 8D, 4D, EC, BA, 70, 06, 49, 00, A1, E8, C3, 49, 00, E8, 68, E6, FF, FF, 8B, 55, EC, A1, 38, 4B, 49, 00, E8, 7F, 5C, F7, FF, 8D, 55, E0...
Entropy:
6.5126

Developed / compiled with:
Microsoft Visual C++

Code size:
573 KB (586,752 bytes)
