home

sarconsogulpe.exe

It runs as a separate (within the context of its own process) windows Service named “sarconsogulpe”.
MD5:
ce9611b2d3d3f0a886a55ae406d6d12f

SHA-1:
5124758aaf8cade9526294a089895032b0ce4069

SHA-256:
95ca236dbee53de46dc46ef57c7fd7e46843a8091b7788763d98968ad04e0263

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/23/2024 6:58:46 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Adware.Gen
7.11.173.16

File size:
848 KB (868,352 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\sarconsogulpe\sarconsogulpe.exe

File PE Metadata
Compilation timestamp:
9/17/2014 1:47:05 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
12288:4Qq25DQbXyU8m/oR40oiZjo02jBU4/zE3q:4Qq25DIoy6daOq

Entry address:
0x557E2

Entry point:
E9, DB, 33, 07, 00, E9, F4, 65, 02, 00, E9, A7, 15, 06, 00, E9, CD, 05, 09, 00, E9, 55, 91, 07, 00, E9, 3E, 55, 08, 00, E9, BF, 13, 06, 00, E9, 90, 37, 09, 00, E9, 91, DF, 04, 00, E9, 16, 14, 06, 00, E9, 07, 44, 09, 00, E9, EC, 30, 07, 00, E9, 13, 14, 06, 00, E9, 08, 29, 01, 00, E9, 23, 3B, 03, 00, E9, 3E, FE, 03, 00, E9, 59, E3, 04, 00, E9, F4, 1E, 05, 00, E9, 7F, 98, 02, 00, E9, 79, 3F, 09, 00, E9, C2, 96, 06, 00, E9, 87, 7D, 07, 00, E9, 91, 12, 06, 00, E9, 86, CB, 04, 00, E9, 31, AF, 00, 00, E9, 4C, 8B...
 
[+]

Entropy:
5.8845

Developed / compiled with:
Microsoft Visual C++ 8.0 (Debug)

Code size:
688 KB (704,512 bytes)

Service
Display name:
sarconsogulpe

Type:
Win32OwnProcess


Scan sarconsogulpe.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.