» server.exe
Overview
Analysis
File Details

server.exe

The executable server.exe has been detected as malware by 12 anti-virus scanners.

File name:

server.exe

MD5:

e16a580a4b734abdc80d00339a23b209

SHA-1:

34e4e28dce5943086ef044c228d7785d801cb3ea

SHA-256:

b9bfcc6d167a7357f01fd86729446be135f5fc8b84240a0b93e10a14026af934

Scanner detections:

12 / 68

Status:

Malware

Analysis date:

4/26/2024 7:59:39 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Heur.MSIL.Krypt.9

6486625

avast!

MSIL:GenMalicious-V [Trj]

150101-1

Clam AntiVirus

Win.Backdoor.Bladabindi-1

0.98/20000

Dr.Web

Trojan.DownLoader6.41597

9.0.1.05190

Emsisoft Anti-Malware

Gen:Heur.MSIL.Krypt

9.0.0.4799

ESET NOD32

MSIL/Bladabindi.F trojan

7.0.302.0

F-Prot

W32/MSIL_Troj.AP.gen

4.6.5.141

F-Secure

Gen:Heur.MSIL.Krypt.9

5.13.68

Microsoft Security Essentials

Threat.Undefined

1.191.3639.0

Norman

Gen:Heur.MSIL.Krypt.9

03.12.2014 13:20:04

Sophos

Virus 'Mal/MSIL-GL'

5.09

VIPRE Antivirus

Threat.4150696

36666

File size:

26 KB (26,624 bytes)

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

1/27/2015 3:52:36 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

768:V+XVqOBH+Lq/KqIxd8HXVEu5TWCnIl/vOa:IVILq/IxdQEUWNtvOa

Entry address:

0x7E1E

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.4640

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

24 KB (24,576 bytes)

Remove server.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.