server.exe

The executable server.exe has been detected as malware by 36 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, or to steal your sensitive information.
MD5:
d826c88c9955364f7581d1925b59632e

SHA-1:
02286840ab0e1584838d0036523e4a727ba8f09c

SHA-256:
db39dabf3129653307b2f514760866bbacd5e8767500d47151484bc3e4d4fbf4

Scanner detections:
36 / 68

Status:
Malware

Analysis date:
4/23/2024 11:47:00 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Barys.10219 | 5777739 |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/Zbot.24064 | 2015.04.29 |
| avast! | MSIL:GenMalicious-V [Trj] | 150414-0 |
| AVG | Win.Threat.High | 2014.0.4311 |
| Bitdefender | Gen:Variant.Barys.10219 | 1.0.20.590 |
| Clam AntiVirus | Win.Backdoor.Bladabindi-1 | 0.98/20387 |
| Comodo Security | Backdoor.MSIL.Bladabindi.A | 21926 |
| Dr.Web | Trojan.KillFiles.23127 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Barys.10219 | 9.0.0.4799 |
| ESET NOD32 | MSIL/Bladabindi.BC (variant) | 9.11545 |
| Fortinet FortiGate | MSIL/Bladabindi.SMC!tr | 4/28/2015 |
| F-Prot | W32/MSIL_Bladabindi.G.gen | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Barys.10219 | 11.2015-28-04_3 |
| G Data | Gen:Variant.Barys.10219 | 15.4.25 |
| herdProtect (fuzzy) | | 2015.7.28.18 |
| IKARUS anti.virus | Trojan.MSIL.Bladabindi | t3scan.1.8.9.0 |
| K7 AntiVirus | Trojan | 13.185.13888 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.2122 |
| Malwarebytes | Backdoor.Bladabindi.Gen | v2015.07.28.06 |
| McAfee | BackDoor-NJRat!81E650A3B925 | 5600.6781 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.197.681.0 |
| MicroWorld eScan | Gen:Variant.Zusy.75290 | 16.0.0.354 |
| NANO AntiVirus | Trojan.Win32.DownLoader11.cxfbrl | 0.30.24.1357 |
| Norman | Gen:Variant.Barys.10219 | 03.12.2014 13:20:04 |
| nProtect | Trojan/W32.Agent.24064.UH | 14.11.05.01 |
| Panda Antivirus | Generic Malware | 15.04.28.03 |
| Quick Heal | Backdoor.Bladabindi.AL3 | 4.15.14.00 |
| Sophos | Virus 'Troj/DotNet-P' | 5.13 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Bladabindi | 9908 |
| Total Defense | Win32/DotNetDl.A!generic | 37.1.62.1 |
| Trend Micro House Call | BKDR_BLBINDI.SMN | 7.2.118 |
| Trend Micro | BKDR_BLBINDI.SMN | 10.465.28 |
| Vba32 AntiVirus | Backdoor.MSIL.Agent | 3.12.26.3 |
| VIPRE Antivirus | Backdoor.MSIL.Bladabindi.a | 34536 |
| Zillya! Antivirus | Trojan.Disfa.Win32.10565 | 2.0.0.2157 |

File size:
23.5 KB (24,064 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
4/28/2015 1:39:33 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:J8aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZ8kK:qXcwt3tRpcnuJ3

Entry address:
0x747E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
5.5221

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)
