» meshservice.exe
Overview
Analysis
File Details
Programs (1)

meshservice.exe

Mesh Agent Service

sample

The executable meshservice.exe has been detected as malware by 17 anti-virus scanners. This file is typically installed with the program Manageability Developer Tool Kit by Open Source Community.

File name:

meshservice.exe

Publisher:

sample (signed and verified)

Product:

Mesh Agent Service

Version:

0.1.90.3

MD5:

fe51f7008926785ced249b94ccc86ed2

SHA-1:

f449a39600b06bae6511af0051a93faf7e3d3846

SHA-256:

9dcf45c7a31c3258bf69d391b7b3ec4c0da7abc5567c9e6cfbb22d9a8cd74e5e

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/26/2024 8:48:18 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.Generic.12181081

795

avast!

Win32:Malware-gen

2014.9-141202

Baidu Antivirus

Trojan.Win32.Staser

4.0.3.14122

Bitdefender

Trojan.Generic.12181081

1.0.20.1680

Emsisoft Anti-Malware

Trojan.Generic.12181081

8.14.12.02.03

Fortinet FortiGate

W32/Staser.AQGY!tr

12/2/2014

F-Secure

Trojan.Generic.12181081

11.2014-02-12_3

G Data

Trojan.Generic.12181081

14.12.24

IKARUS anti.virus

Trojan.Win32.Staser

t3scan.1.8.3.0

K7 AntiVirus

Riskware

13.186.14191

Kaspersky

Trojan.Win32.Staser

14.0.0.2859

McAfee

Artemis!FE51F7008926

5600.6929

MicroWorld eScan

Trojan.Generic.12181081

15.0.0.1008

nProtect

Trojan.Generic.12181081

14.11.28.01

Panda Antivirus

Trj/Chgt.K

14.12.02.03

Quick Heal

Trojan.Staser.g5

12.14.14.00

Trend Micro House Call

TROJ_GEN.R047H07KL14

7.2.336

File size:

1.9 MB (2,026,048 bytes)

Product version:

0, 0, 0, 0

Original file name:

MeshAgent.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\open source\manageability developer tool kit\meshservice.exe

Digital Signature

Signed by:

sample

Authority:

sample

Valid from:

11/23/2009 5:10:45 PM

Valid to:

11/18/2029 5:10:45 PM

Subject:

CN=MasterRoot, O=sample, C=us

Issuer:

CN=MasterRoot, O=sample, C=us

Serial number:

00F0CED1D911C8459B

File PE Metadata

Compilation timestamp:

11/5/2014 8:06:18 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

12.0

CTPH (ssdeep):

49152:9edqG3zSRVXjo6yha2yVcKpqaejsdb9rt:9edqGgVBbVgbE

Entry address:

0x15ED43

Entry point:

E8, 30, DA, 00, 00, E9, 7B, FE, FF, FF, CC, CC, CC, 51, 8D, 4C, 24, 04, 2B, C8, 1B, C0, F7, D0, 23, C8, 8B, C4, 25, 00, F0, FF, FF, 3B, C8, 72, 0A, 8B, C1, 59, 94, 8B, 00, 89, 04, 24, C3, 2D, 00, 10, 00, 00, 85, 00, EB, E9, CC, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 7F, 0F, B6, 44, 24, 08, 0F, BA, 25, F0, D7, 5D, 00, 01, 73, 0D, 8B, 4C, 24, 0C, 57, 8B, 7C, 24, 08, F3, AA, EB, 5D, 8B, 54, 24, 0C, 81, FA, 80, 00, 00, 00, 7C, 0E, 0F, BA, 25, 84, 45, 5C, 00, 01, 0F, 82, AF, DA, 00, 00, 57... 
[+]

Entropy:

6.7664

Code size:

1.5 MB (1,531,904 bytes)

The file meshservice.exe has been discovered within the following program.

Manageability Developer Tool Kit by Open Source Community

opentools.homeip.net

About 3% of users remove it

Remove meshservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.