» s.exe
Overview
Analysis
File Details

s.exe

The executable s.exe has been detected as malware by 17 anti-virus scanners.

File name:

s.exe

MD5:

c74c0c54ec1e553f429fc08087cd0a63

SHA-1:

3ad9e147421adee1b38d61e366aa6be94d18bdb7

SHA-256:

800f1befdee5e649ed2784aebefed04bc159e488db53993452030b2bacb5edfd

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/26/2024 8:48:26 PM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

Troj.W32.Generic!c

2.1.4+

AhnLab V3 Security

Trojan/Win32.Generic.C1815378

3.8.3.16

Avira AntiVirus

TR/Peals.xakwx

8.3.3.4

AVG

Generic38

2018.0.2438

Baidu Antivirus

Win32.Trojan.WisdomEyes.16070401.9500

4.0.3.17316

Fortinet FortiGate

W32/Generic!tr

3/16/2017

G Data

Win32.Trojan.Agent.7NN77Q

17.3.A:25.11199B:25.9092

IKARUS anti.virus

Trojan.Peals

0.2.1.2

K7 AntiVirus

Riskware

13.10.6.22730

McAfee

RDN/Generic.hbg

5600.6094

Quick Heal

Trojan.Generic

3.17.14.00

Rising Antivirus

Malware.Generic.5!tfe (cloud:2584IiQv6NL)

23.00.65.17314

Sophos

Mal/Generic-S

4.98

Vba32 AntiVirus

TrojanDropper.VBS.Agent

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

56674

ViRobot

Trojan.Win32.Z.Xtreme.73728[h]

2014.3.20.0

Zillya! Antivirus

Backdoor.Xtreme.Win32.16528

2.0.0.3232

File size:

72 KB (73,728 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\spelling bee ninja\s.exe

File PE Metadata

Compilation timestamp:

10/17/2016 6:59:44 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

2.50

Entry address:

0x1000

Entry point:

68, 34, 01, 00, 00, 68, 00, 00, 00, 00, 68, C4, 33, 41, 00, E8, 5C, 40, 00, 00, 83, C4, 0C, 68, 00, 00, 00, 00, E8, 55, 40, 00, 00, A3, C8, 33, 41, 00, 68, 00, 00, 00, 00, 68, 00, 10, 00, 00, 68, 00, 00, 00, 00, E8, 42, 40, 00, 00, A3, C4, 33, 41, 00, E8, BC, 3F, 00, 00, B8, 3C, 22, 41, 00, A3, FC, 33, 41, 00, E8, ED, E1, 00, 00, E8, D4, DF, 00, 00, E8, D6, C4, 00, 00, E8, 01, C0, 00, 00, E8, 09, BB, 00, 00, E8, 8D, B7, 00, 00, E8, FF, B4, 00, 00, E8, DB, B4, 00, 00, E8, 4D, B4, 00, 00, E8, B0, AB, 00, 00... 
[+]

Entropy:

6.6416

Packer / compiler:

PKLITE32, 0x1.1

Code size:

58.5 KB (59,904 bytes)

Remove s.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.