» server.exe
Overview
Analysis
File Details

server.exe

The executable server.exe has been detected as malware by 37 anti-virus scanners.

File name:

server.exe

MD5:

26f350dd85a014c408dc5f7b32699fde

SHA-1:

33d844fb552801f5ff19928df0925d7922935f3a

SHA-256:

ebab08aee63e23f6df3d89bfaad1755a40a198b9874e08e6ad0535104e39bc81

Scanner detections:

37 / 68

Status:

Malware

Analysis date:

4/27/2024 1:54:29 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Barys.10219

521

AhnLab V3 Security

Backdoor/Win32.Bladabindi

2015.09.02

Arcabit

Trojan.Barys.D31EC

1.0.0.425

avast!

MSIL:Agent-BKA [Trj]

2014.9-150901

AVG

PSW.ILUSpy

2016.0.2999

Bitdefender

Gen:Variant.Barys.12780

1.0.20.1220

Bkav FE

W32.AdonisC.Trojan

1.3.0.6979

Clam AntiVirus

Win.Backdoor.Bladabindi-1

0.98/20865

Comodo Security

Backdoor.MSIL.Bladabindi.A

23139

Dr.Web

Trojan.DownLoader10.63222

9.0.1.0244

Emsisoft Anti-Malware

Gen:Variant.Barys.10219

8.15.09.01.04

ESET NOD32

MSIL/Bladabindi.BH trojan

9.7.0.302.0

Fortinet FortiGate

MSIL/Agent.LI!tr

9/1/2015

F-Prot

W32/MSIL_Bladabind.I2.gen

v6.4.7.1.166

F-Secure

Gen:Variant.Barys.10219

11.2015-01-09_3

G Data

Gen:Variant.Barys.12780

15.9.25

herdProtect (fuzzy)

variant of mobogenie.exe

2015.10.28.17

IKARUS anti.virus

Trojan.MSIL.Bladabindi

t3scan.1.9.5.0

K7 AntiVirus

Trojan

13.2017075

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.1492

Malwarebytes

Backdoor.Bladabindi.Gen

v2015.09.01.04

McAfee

BackDoor-FBIB!C4A041B0C5E2

5600.6655

Microsoft Security Essentials

Threat.Undefined

1.175.1108.0

MicroWorld eScan

Gen:Variant.Barys.12780

16.0.0.732

NANO AntiVirus

Trojan.Win32.DownLoader10.cvaozm

0.30.24.3283

Norman

Gen:Variant.Barys.10219

11.20150901

nProtect

Trojan/W32.Agent.24064.VP

15.09.01.01

Quick Heal

Backdoor.Bladabindi.AL3

9.15.14.00

Rising Antivirus

PE:Backdoor.MSIL.Bladabindi!1.9E49[F1]

23.00.65.15830

Sophos

Virus 'Troj/DotNet-P'

5.15

SUPERAntiSpyware

Trojan.Agent/Gen-Bladabindi

9656

Total Defense

Win32/DotNetDl.A!generic

37.1.62.1

Trend Micro House Call

BKDR_BLBINDI.SMN

7.2.244

Trend Micro

BKDR_BLBINDI.SMN

10.465.01

Vba32 AntiVirus

Trojan.MSIL.Disfa

3.12.26.4

VIPRE Antivirus

Threat.4799966

29800

Zillya! Antivirus

Backdoor.Agent.Win32.55242

2.0.0.2384

File size:

23.5 KB (24,064 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

9/1/2015 5:59:50 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:VRMKFYuEEhERvoBG16Xuy0MHNw6Tg1Y+75JTFmRvR6JZlbw8hqIusZzZjI:VqW4V6+yDRpcnu7

Entry address:

0x748E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.5300

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

21.5 KB (22,016 bytes)

Remove server.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.