» securedzoneservice.exe
Overview
Analysis
File Details
Behaviors (1)

securedzoneservice.exe

ArchiCrypt Shredder

Softwareentwicklung Patric Remus

The executable securedzoneservice.exe, “Shredder Secure D Zone Helper Service” has been detected as malware by 5 anti-virus scanners. It runs as a separate (within the context of its own process) windows Service named “SecureDZone Helper Service”.

File name:

Publisher:

Softwareentwicklung Remus (signed by Softwareentwicklung Patric Remus)

Product:

ArchiCrypt Shredder

Description:

Shredder Secure D Zone Helper Service

Version:

2.0.1.1024

MD5:

7c7074b4feb8a8fecfb3da5b7682732f

SHA-1:

b0206e81d9751d2e9aa7ebfa8edac4935b3bf912

SHA-256:

a7191042a611abdb7fd3159cb9bc084da3d71126c9f8b97566a5f6898ceba842

Scanner detections:

5 / 68

Status:

Malware

Analysis date:

4/27/2024 3:14:13 AM UTC (today)

Scan engine

Detection

Engine version

Fortinet FortiGate

Possib1ethreat

10/3/2016

Kaspersky

Trojan.Win32.Delf

14.0.0.-497

McAfee

Artemis!7C7074B4FEB8

5600.6258

Norman

W32/Delf.EFXG

11.20161003

Panda Antivirus

Suspicious file

16.10.03.08

File size:

138.5 KB (141,824 bytes)

Product version:

4.0.1.0

2007

Trademarks:

ArchiCrypt

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Digital Signature

Signed by:

Softwareentwicklung Patric Remus

Authority:

GlobalSign nv-sa

Valid from:

11/20/2006 2:23:37 PM

Valid to:

11/20/2007 2:23:37 PM

Subject:

E=Anfrage@ArchiCrypt.com, CN=Softwareentwicklung Patric Remus - ArchiCrypt -, O=Softwareentwicklung Patric Remus, C=DE

Issuer:

CN=GlobalSign ObjectSign CA, OU=ObjectSign CA, O=GlobalSign nv-sa, C=BE

Serial number:

0100000000010F05893D70

File PE Metadata

Compilation timestamp:

6/26/2007 1:07:23 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

3072:rkTpA8SO0RH2FvkHINTOS+osKsyx38bLwUODZXBP5XTa+xw2:rkTRwTI5Or4st2Zja+h

Entry address:

0x1D114

Entry point:

55, 8B, EC, 83, C4, F0, B8, C8, C0, 41, 00, E8, A0, 7D, FE, FF, E8, 6F, 64, FF, FF, 85, C0, 74, 07, E8, A2, E7, FF, FF, EB, 05, E8, 0B, E8, FF, FF, E8, DE, 6C, FE, FF, 8B, C0, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

109 KB (111,616 bytes)

Service

Display name:

SecureDZone Helper Service

Service name:

SecureDZoneService

Type:

Win32OwnProcess

Remove securedzoneservice.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.