» jogoboxservice.exe
Overview
Analysis
File Details
Behaviors (1)

jogoboxservice.exe

Tibaco International B.V.

The executable jogoboxservice.exe has been detected as malware by 11 anti-virus scanners. It runs as a windows Service named “TWEService”.

File name:

jogoboxservice.exe

Publisher:

Tibaco International B.V. (signed and verified)

MD5:

6d697c60b27ad7f3f367cfb1abf77419

SHA-1:

a1ef12977d9935c62f08f8eb05ecc9b28b88ac0c

SHA-256:

9c4272b708837ebf954c1cbbd15ff4a6445364309e1f0e4823ff05429facd6e8

Scanner detections:

11 / 68

Status:

Malware

Analysis date:

4/26/2024 9:34:15 PM UTC (today)

Scan engine

Detection

Engine version

avast!

Win32:GenMalicious-BFP [Trj]

160327-1

Dr.Web

Win32.FloodFix.7

9.0.1.05190

Emsisoft Anti-Malware

Win32.Floxif

11.5.0.6191

ESET NOD32

Win32/Floxif.H virus

7.0.302.0

F-Prot

W32/Floxif.B

4.6.5.141

F-Secure

Win32.Floxif.A

5.15.21

Kaspersky

Virus.Win32.Pioneer

15.0.0.562

McAfee

Trojan.Dropper-FIY!6D697C60B27A

18.0.204.0

Microsoft Security Essentials

Threat.Undefined

1.219.1500.0

Norman

Win32.Floxif.A

02.04.2016 17:35:19

Sophos

Virus 'W32/Floxif-C'

5.23

File size:

227 KB (232,413 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\jogobox\jogoboxservice.exe

Digital Signature

Signed by:

Tibaco International B.V.

Authority:

Thawte, Inc.

Valid from:

2/26/2013 7:00:00 AM

Valid to:

4/28/2014 6:59:59 AM

Subject:

CN=Tibaco International B.V., O=Tibaco International B.V., L=Eindhoven, S=Noord-Brabant, C=NL

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

377C850A7C23AC64B2A986510C814385

File PE Metadata

Compilation timestamp:

7/9/2013 3:50:09 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

6144:Oi29pkOyYOaCds/8Am4bhKsQvMRlkM4RD/qzMfUR:t2AXrds/8No2MRGM4h/qofk

Entry address:

0x99E0

Entry point:

E9, E0, 43, 00, 00, E9, 95, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 20, 8B, 45, 08, 56, 57, 6A, 08, 59, BE, 4C, D5, 41, 00, 8D, 7D, E0, F3, A5, 89, 45, F8, 8B, 45, 0C, 5F, 89, 45, FC, 5E, 85, C0, 74, 0C, F6, 00, 08, 74, 07, C7, 45, F4, 00, 40, 99, 01, 8D, 45, F4, 50, FF, 75, F0, FF, 75, E4, FF, 75, E0, FF, 15, 80, D1, 41, 00, C9, C2, 08, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, F8, 43, 42, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, FC... 
[+]

Entropy:

7.2195

Packer / compiler:

Xtreme-Protector v1.05

Code size:

109 KB (111,616 bytes)

Service

Display name:

TWEService

Type:

Win32OwnProcess, InteractiveProcess

Remove jogoboxservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.