» SendDebugLog.exe
Overview
Analysis
File Details

SendDebugLog.exe

Shared Library

Auslogics

The executable SendDebugLog.exe has been detected as malware by 35 anti-virus scanners. Infected by an entry-point obscuring polymorphic file infector which will create a peer-to-peer botnet and receives URLs of additional files to download.

File name:

SendDebugLog.exe

Publisher:

Auslogics

Product:

Shared Library

Description:

Send Debug Log

Version:

3.1.1.0

MD5:

48bc82378152a9e39952d39bb33d7727

SHA-1:

4970d023fee6dd70fddf457c80a05368f3800301

SHA-256:

fba4fc99fda5ae13ca4278b06a70da8c8566a6a4e6eb71c8a7c321494da0d3c6

Scanner detections:

35 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/19/2024 8:54:49 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Sality.3

885

Agnitum Outpost

Win32.Sality.BL

7.1.1

AhnLab V3 Security

Win32/Kashu.E

2014.09.03

Avira AntiVirus

W32/Sality.AT

7.11.30.172

avast!

Win32:SaliCode

140813-1

AVG

Win32/Sality

2014.0.4015

Bitdefender

Win32.Sality.3

1.0.20.1225

Bkav FE

W32.Sality.PE

1.3.0.4959

Comodo Security

Virus.Win32.Sality.Gen

19401

Dr.Web

Win32.Sector.22

9.0.1.05190

Emsisoft Anti-Malware

Win32.Sality

9.0.0.4324

ESET NOD32

Win32/Sality.NBA virus

7.0.302.0

F-Prot

W32/Sality.gen2

4.6.5.141

F-Secure

Win32.Sality.3

11.2014-02-09_3

G Data

Win32.Sality

14.9.24

IKARUS anti.virus

Virus.Win32.Sality

t3scan.1.7.5.0

K7 AntiVirus

Virus

13.183.13247

Kaspersky

Virus.Win32.Sality

15.0.0.463

McAfee

W32/Sality.gen.z

5600.7019

Microsoft Security Essentials

Threat.Undefined

1.183.1287.0

MicroWorld eScan

Win32.Sality.3

15.0.0.735

NANO AntiVirus

Virus.Win32.Sality.beygb

0.28.2.61942

Norman

Sality.A[gs]

11.20140902

nProtect

Virus/W32.Sality.D

14.09.02.01

Panda Antivirus

W95/Marburg

14.09.02.10

Qihoo 360 Security

Malware.QVM19.Gen

1.0.0.1015

Quick Heal

W32.Sality.U

9.14.14.00

Sophos

Mal/Sality-D

4.98

Total Defense

Win32/Sality.AA

37.0.11158

Trend Micro House Call

PE_SALITY.RL

7.2.245

Trend Micro

PE_SALITY.RL

10.465.02

Vba32 AntiVirus

Virus.Win32.Sality.bakc

3.12.26.3

VIPRE Antivirus

Threat.4721115

32210

ViRobot

Win32.Sality.N

2011.4.7.4223

Zillya! Antivirus

Virus.Sality.Win32.20

2.0.0.1908

File size:

626.4 KB (641,480 bytes)

Product version:

3.x

Trademarks:

Original file name:

SendDebugLog.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Program Files\auslogics\disk defrag professional\senddebuglog.exe

File PE Metadata

Compilation timestamp:

4/23/2014 9:54:42 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:yC8zpY9qWQX/z8EXMf1YmERzgtcTY87ss2fy/3SjJif7/7vNJak3yZbocmy/:yCMW6/PTY87ss2fy/CjJi3ekCFIy/

Entry address:

0x68730

Entry point:

E8, 00, 00, 00, 00, 59, 85, F6, 22, F8, F3, EB, 02, 87, F0, 8D, 05, C1, F4, 06, 2C, F6, C1, 45, 0F, BF, F5, 14, 37, 2B, FF, 4B, BF, BC, 4A, 03, 00, 0A, D3, 0F, AF, EE, 81, F7, AA, 0B, 00, 00, 08, E8, 0F, C1, F9, C7, C2, 17, 5A, 17, BA, C6, C0, 3D, 81, E9, 10, A8, 00, 00, 51, F6, C2, 03, C3, E8, 56, D5, FF, FF, 8D, 45, EC, E8, 66, DE, FF, FF, 8B, 45, EC, 8B, 10, FF, 52, 10, A1, 78, 42, 47, 00, 8B, 00, E8, 4A, D5, FF, FF, 33, C0, 5A, 59, 59, 64, 89, 10, 68, B7, 87, 46, 00, 8D, 45, EC, E8, 39, 8C, F9, FF, C3... 
[+]

Code size:

411.5 KB (421,376 bytes)

Remove SendDebugLog.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.