server.exe

The executable server.exe has been detected as malware by 40 anti-virus scanners.
MD5: 81e1e90ecd540122fd9b31fb9ae7a734
SHA-1: 28dc410fa375d2f27b52c25a563b13923d16815d
SHA-256: 1b012b2c2f6ecdcb1bd5be6848e32b34ffc5285b4d11901ecbbec6014ec088cd
Scanner detections: 40 / 68
Status: Malware
Analysis date: 4/26/2024 1:46:26 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Dropper.SAG | 5793950 |
| Agnitum Outpost | Trojan.Midgare.IQ | 7.1.1 |
| AhnLab V3 Security | Win-Trojan/Bifrose.Gen | 2015.09.02 |
| Avira AntiVirus | BDS/Bifrose.aec | 8.3.2.2 |
| Arcabit | Trojan.Dropper.SAG | 1.0.0.425 |
| avast! | Win32:Refroso-DE [Trj] | 150828-0 |
| AVG | BackDoor.Generic12 | 2016.0.2999 |
| Bitdefender | Trojan.Dropper.SAG | 1.0.20.1220 |
| Bkav FE | W32.Ise32NO | 1.3.0.4562 |
| Clam AntiVirus | W32.Trojan.Bifrose-37 | 0.98/20865 |
| Comodo Security | Backdoor.Win32.Bifrost.~Q | 23139 |
| Dr.Web | Trojan.Inject.5077 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Trojan.Dropper.SAG | 10.0.0.5366 |
| ESET NOD32 | Win32/Bifrose.NEL trojan | 7.0.302.0 |
| Fortinet FortiGate | W32/Bifrose.NTA2!tr | 9/1/2015 |
| F-Prot | W32/Backdoor2.CBJB | v6.4.7.1.166 |
| F-Secure | Backdoor:W32/Bifrose.gen!E | 5.14.151 |
| G Data | Trojan.Dropper.SAG | 15.9.25 |
| herdProtect (fuzzy) | | 2015.10.28.17 |
| IKARUS anti.virus | Virus.Trojan.Win32.Midgare | t3scan.1.9.5.0 |
| K7 AntiVirus | Riskware | 13.174.10263 |
| Kaspersky | Backdoor.Win32.Bifrose | 15.0.0.543 |
| Malwarebytes | Trojan.Clicker | v2015.09.01.04 |
| McAfee | Generic BackDoor.aab | 5600.6655 |
| Microsoft Security Essentials | Threat.Undefined | 1.205.1047.0 |
| MicroWorld eScan | Trojan.Generic.5953853 | 16.0.0.732 |
| NANO AntiVirus | Trojan.Win32.Bifrose.chutkd | 0.28.0.56316 |
| Norman | Trojan.Dropper.SAG | 04.08.2015 10:30:46 |
| nProtect | Trojan/W32.Midgare.32669.I | 13.11.20.01 |
| Panda Antivirus | Bck/Bifrose.BFX | 15.09.01.04 |
| Quick Heal | Backdoor.Bifrose.AE | 9.15.12.00 |
| Rising Antivirus | PE:Trojan.Win32.Midgare.hhn!1405451[F1] | 23.00.65.15830 |
| Sophos | Virus 'Mal/Bifrose-X' | 5.17 |
| SUPERAntiSpyware | Rootkit.Agent/Gen-Frossi | 9656 |
| Trend Micro House Call | BKDR_BIFROSE.SMA | 7.2.244 |
| Trend Micro | BKDR_BIFROSE.SMA | 10.465.01 |
| Vba32 AntiVirus | SScope.Trojan.Buzus.ak | 3.12.26.4 |
| VIPRE Antivirus | Threat.4150696 | 42326 |
| ViRobot | Backdoor.Win32.A.Bifrose.32637.KZ[h] | 2014.3.20.0 |
| Zillya! Antivirus | Virus.Bitforse.Win32.1 | 2.0.0.2384 |

File size: 31.9 KB (32,637 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\users\{user}\appdata\roaming\bifrost\server.exe

File PE Metadata
Compilation timestamp: 12/28/2007 5:11:35 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 6.0
CTPH (ssdeep): 768:Z+h7TzTBziifTeiZSVWihwEknh0L7OTLeNfQf5:kZ/nEkh8OTKNo
Entry address: 0x7C89
Entry point: 55, 8B, EC, 83, EC, 44, 56, FF, 15, 18, 10, 40, 00, 8B, F0, 8A, 06, 3C, 22, 75, 14, 8A, 46, 01, 46, 84, C0, 74, 04, 3C, 22, 75, F4, 80, 3E, 22, 75, 0D, 46, EB, 0A, 3C, 20, 7E, 06, 46, 80, 3E, 20, 7F, FA, 8A, 06, 84, C0, 74, 04, 3C, 20, 7E, E9, 83, 65, E8, 00, 8D, 45, BC, 50, FF, 15, 14, 10, 40, 00, E8, 5D, 00, 00, 00, 68, 30, 10, 40, 00, 68, 2C, 10, 40, 00, E8, 34, 00, 00, 00, F6, 45, E8, 01, 59, 59, 74, 06, 0F, B7, 45, EC, EB, 03, 6A, 0A, 58, 50, 56, 6A, 00, 6A, 00, FF, 15, 04, 10, 40, 00, 50, E8, BB, FC...
 
Entropy: 7.4496
Developed / compiled with: Microsoft Visual C++
Code size: 28 KB (28,672 bytes)
