pstubxx.exe

The executable pstubxx.exe has been detected as malware by 12 anti-virus scanners. It is infected by the Parite virus, a polymorphic file-infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

MD5:
8c09d2f7180ffb2fc32b339bdbd7e258

SHA-1:
59c6e5f2150118dd654b9c6811d95bb20817e21a

Scanner detections:
12 / 68

Status:
File is infected by a Virus

Explanation:
The file is infected by a polymorphic file infector virus.

Analysis date:
4/18/2024 8:09:39 AM UTC

Scan engine                    Detection             Engine version
avast!                         Win32:Parite          160213-1
AVG                            Win32/Parite          2015.0.4522
Dr.Web                         Win32.Parite.2        9.0.1.05190
Emsisoft Anti-Malware          Win32.Parite          10.0.0.5366
ESET NOD32                     Win32/Parite.B virus  7.0.302.0
F-Prot                         W32/Parite.B          4.6.5.141
Kaspersky                      Virus.Win32.Parite    15.0.0.562
McAfee                         Virus.W32/Pate.b      18.0.204.0
Microsoft Security Essentials  Threat.Undefined      1.213.6208.0
Norman                         Win32.Parite.B        03.12.2014 13:20:04
Sophos                         Virus 'W32/Parite-B'  5.23
VIPRE Antivirus                Threat.46249          47186

File size:
215.5 KB (220,634 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\pstubxx.exe

File PE Metadata
Compilation timestamp:
5/3/2010 6:54:09 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:fN5m1GqUimIWE6THQh3utAU/U4WF81amLLzPSxNtRl:fmAVLbxAUVWF81akzqLfl

Entry address:
0xF000

Entry point:
68, 8A, 3C, 1E, 00, 58, 90, 68, 20, F0, 40, 00, 5A, 90, 90, BE, 98, 05, 00, 00, 90, 31, 04, 32, 90, 90, 83, EE, 02, 83, EE, 02, 90, 90, 75, F1, 62, 41, 1F, 00, 8A, 3C, 1E, 00, 8A, 3C, 5E, 00, 88, 25, 1E, 00, 8A, 94, 1E, 00, 50, 91, 1E, 00, 8A, 8C, 1C, 00, 8B, 3C, 1E, 00, 96, 4C, 5E, 00, 22, AC, 5E, 00, 48, AC, 5E, 00, 9A, BF, 1E, 00, 2C, AC, 1E, 00, 4A, AC, 1E, 00, 96, 58, 1E, 00, 2C, AC, 1E, 00, 4A, AC, 1E, 00, 8A, 3C, 1E, 00, 8A, 3C, 1E, 00, 8A, 3C, 1E, 00, 8A, 3C, 1E, 00, 8A, 3C, 1E, 00, 8A, 3C, 1E, 00...
 

Code size:
24 KB (24,576 bytes)
