sanmao smtp mail cracker v1.0.exe

Sanmao SMTP Mail Cracker

The executable sanmao smtp mail cracker v1.0.exe, described as “Made by Sanmao MSN/Mail:suruiqiang@msn.com”, has been detected as malware by 9 anti-virus scanners. The file has been seen being downloaded from www.storageserver.co.uk and multiple other hosts.
Product:
Sanmao SMTP Mail Cracker

Description:
Made by Sanmao MSN/Mail:suruiqiang@msn.com

Version:
1, 0, 0, 1

MD5:
620f25e0078ef6e89d6a33e36689600d

SHA-1:
2168fd77399a28eb2189526f5f51894b0c212974

SHA-256:
de9bf8debe117c7bfafc2a427cc380f1afadda906ddc1f460924ddc9bba7069f

Scanner detections:
9 / 68

Status:
Malware

Analysis date:
4/23/2024 7:05:54 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Avira AntiVirus | SPR/SanMaoMailCracker.A | 7.11.176.134 |
| Baidu Antivirus | Hacktool.Win32.SanMaoMailCracker | 4.0.3.1473 |
| Comodo Security | UnclassifiedMalware | 18755 |
| ESET NOD32 | Win32/RiskWare.SanMaoMailCracker (variant) | 8.10040 |
| K7 AntiVirus | Riskware | 13.183.13550 |
| Kaspersky | not-a-virus:RiskTool.Win32.MailCracker | 14.0.0.3151 |
| McAfee | Artemis!620F25E0078E | 5600.6987 |
| Rising Antivirus | PE:Trojan.Win32.Generic.16E013FC!383783932 | 23.00.65.141002 |
| Trend Micro House Call | TROJ_GEN.F47V0331 | 7.2.184 |

File size:
276 KB (282,624 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyrigth (C) 2010

File type:
Executable application (Win32 EXE)

Language:
Chinese (Simplified, PRC)

Common path:
C:\users\{user}\downloads\sanmao smtp mail cracker v1.0.exe

File PE Metadata
Compilation timestamp:
3/5/2013 1:33:01 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:+apHHupLwKbj/FsxwkQTYSj0zYbtdutHBwgLQ30gaFose+G7OezDz6ozs/4+M2ag:Vpn6bj/ax5SH0zwtGvgaFnGLHCRM2

Entry address:
0xD990

Entry point:
55, 8B, EC, 6A, FF, 68, 00, 45, 43, 00, 68, 74, 2C, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, 30, 12, 43, 00, 33, D2, 8A, D4, 89, 15, 9C, 2A, 44, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 98, 2A, 44, 00, C1, E1, 08, 03, CA, 89, 0D, 94, 2A, 44, 00, C1, E8, 10, A3, 90, 2A, 44, 00, 6A, 01, E8, 1F, 52, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 8C, 45, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 

Entropy:
6.1136

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
192 KB (196,608 bytes)

The file sanmao smtp mail cracker v1.0.exe has been seen being distributed by the following 3 URLs.

http://www.storageserver.co.uk/files/18685/.../Sanmao_SMTP_Mail_Cracker_v1.0.exe.html

https://www.mydrive.ch/download/.../Sanmao SMTP Mail Cracker v1.0.exe
