» Server.exe
Overview
Analysis
File Details

Server.exe

Windows System Ressources Debugger

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable Server.exe has been detected as malware by 35 anti-virus scanners.

File name:

Server.exe

Publisher:

Microsoft Corporation* (Invalid match)

Product:

Windows System Ressources Debugger

Version:

4.00.0010

MD5:

39cf7d4ec5815ff13638b477fdfb8e87

SHA-1:

315c3d4cde4b7b4cb7ec1dcf9f8835e101170f64

SHA-256:

d05850cb349606cb465efa76a42b832433be2beb5cb74a20ea8317914b076c7b

Scanner detections:

35 / 68

Status:

Malware

Analysis date:

5/2/2024 9:53:50 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Backdoor.Boid.2.0

-40

AegisLab AV Signature

Backdoor.W32.Boid.20!c

2.1.4+

AhnLab V3 Security

Trojan/Win32.Boid.N986417

3.7.4.14

Avira AntiVirus

BDS/Boid.20

8.3.3.4

Arcabit

Backdoor.Boid.2.0

1.0.0.741

avast!

Win32:Boid-D [Trj]

2014.9-170315

AVG

BackDoor.Boid.D

2018.0.2438

Baidu Antivirus

Win32.Trojan.WisdomEyes.151026.9950

4.0.3.17315

Bitdefender

Backdoor.Boid.2.0

1.0.20.370

Clam AntiVirus

Win.Trojan.Boid-1

0.98/21511

Comodo Security

Backdoor.Win32.Boid.20

25352

Dr.Web

BackDoor.Generic.41

9.0.1.074

Emsisoft Anti-Malware

Backdoor.Boid.2.0

8.17.03.15.04

ESET NOD32

Win32/Boid.20

11.13721

Fortinet FortiGate

W32/Boid.20!tr.bdr

3/15/2017

F-Prot

W32/Boid.B@bd

v6.4.7.1.166

F-Secure

Backdoor.Boid.2.0

11.2017-15-03_4

G Data

Backdoor.Boid.2.0

17.3.25

IKARUS anti.virus

Backdoor.Win32.Boid

t3scan.2.1.6.0

K7 AntiVirus

Trojan

13.231.20070

Kaspersky

Backdoor.Win32.Boid

14.0.0.-1313

McAfee

VB-BackDoor.a.gen

5600.6094

Microsoft Security Essentials

Backdoor:Win32/Boid.2_0

1.1.12805.0

MicroWorld eScan

Backdoor.Boid.2.0

18.0.0.222

NANO AntiVirus

Trojan.Win32.Boid.fedd

1.0.38.8984

nProtect

Backdoor/W32.Boid.57383

16.06.28.01

Panda Antivirus

Bck/Boid.A

17.03.15.04

Qihoo 360 Security

HEUR/Malware.QVM03.Gen

1.0.0.1120

Sophos

Troj/Boid-B

4.98

Trend Micro House Call

TROJ_SPNR.35DG13

7.2.74

Trend Micro

TROJ_SPNR.35DG13

10.465.15

Vba32 AntiVirus

Backdoor.Boid

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

50460

ViRobot

Trojan.Win32.S.Agent.57383[h]

2014.3.20.0

Zillya! Antivirus

Trojan.CPEX.Win32.4133

2.0.0.2932

File size:

56 KB (57,383 bytes)

Product version:

4.00.0010

Trademarks:

Original file name:

Server.exe

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\users\{user}\downloads\ceh\cehv8 module 06 trojans and backdoors\miscellaneous trojans\amiboide uploader v2.0\server.exe

File PE Metadata

Compilation timestamp:

6/13/2004 2:09:46 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

Entry address:

0x11A0

Entry point:

68, DC, 20, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, CB, 33, 1D, 79, 2D, 7B, EA, 4F, BA, 63, ED, 9F, E1, 02, F4, 73, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 61, 62, 64, 75, 70, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 12, E2, 49, E4, 39, 10, B8, F6, 40, 9B, 6B, 65, E0, F4, 65, 46, 8A, 7D, D3, 7F, D8, 6B, 2F, ED, 4F, 9F, 86, 56, FA, 3D, FC, AD, 6F, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00... 
[+]

Entropy:

4.5555

Developed / compiled with:

Microsoft Visual Basic v5.0/v6.0

Code size:

48 KB (49,152 bytes)

Remove Server.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.