server.exe

The executable server.exe has been detected as malware by 35 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal your sensitive information.
MD5:
7977ea65d94830c2d98a2d0cb93000ba

SHA-1:
38352417d31d117e2c0fdedc0585af77a4aa88fb

SHA-256:
9f9fc7d5a6cc62de0a628fdb652a415b38bfe45d929d1e88f75485bedb07c737

Scanner detections:
35 / 68

Status:
Malware

Analysis date:
4/18/2024 3:23:01 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Barys.12780 | 5734772 |
| AhnLab V3 Security | Backdoor/Win32.Bladabindi | 2015.10.09 |
| Avira AntiVirus | TR/Dropper.Gen7 | 8.3.2.2 |
| Arcabit | Trojan.Barys.D31EC | 1.0.0.582 |
| avast! | MSIL:GenMalicious-V [Trj] | 151004-0 |
| AVG | PSW.ILUSpy | 2016.0.2962 |
| Bitdefender | Gen:Variant.Barys.12780 | 1.0.20.1410 |
| Clam AntiVirus | Win.Backdoor.Bladabindi-1 | 0.98/20957 |
| Comodo Security | Backdoor.MSIL.Bladabindi.A | 23382 |
| Dr.Web | BackDoor.Bladabindi.1056 | 9.0.1.05190 |
| Emsisoft Anti-Malware | Gen:Variant.Barys.12780 | 10.0.0.5366 |
| ESET NOD32 | MSIL/Bladabindi.BC trojan | 7.0.302.0 |
| Fortinet FortiGate | MSIL/Agent.LI!tr | 10/9/2015 |
| F-Prot | W32/MSIL_Bladabind.I2.gen | v6.4.7.1.166 |
| F-Secure | Gen:Variant.Barys.12780 | 5.14.151 |
| G Data | Gen:Variant.Barys.12780 | 15.10.25 |
| IKARUS anti.virus | Trojan.MSIL.Bladabindi | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.210.17479 |
| Kaspersky | Trojan.MSIL.Disfa | 15.0.0.463 |
| Malwarebytes | Backdoor.NJRat | v2015.10.09.09 |
| McAfee | Trojan.BackDoor-NJRat!7977EA65D948 | 18.0.204.0 |
| Microsoft Security Essentials | Backdoor:MSIL/Bladabindi.AJ | 1.207.2059.0 |
| MicroWorld eScan | Gen:Variant.Barys.12780 | 16.0.0.846 |
| NANO AntiVirus | Trojan.Win32.Disfa.dtznyx | 0.30.26.3947 |
| Norman | Gen:Variant.Barys.12780 | 03.12.2014 13:20:04 |
| nProtect | Trojan/W32.Agent.24064.TV | 15.10.08.01 |
| Quick Heal | Backdoor.Bladabindi.AL3 | 10.15.14.00 |
| Rising Antivirus | PE:Backdoor.MSIL.Bladabindi!1.9E49[F1] | 23.00.65.151007 |
| Sophos | Virus 'Troj/Bbindi-W' | 5.15 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Bladabindi | 9580 |
| Total Defense | Win32/DotNetDl.A!generic | 37.1.62.1 |
| Trend Micro House Call | BKDR_BLADABI.SMC | 7.2.282 |
| Trend Micro | BKDR_BLADABI.SMC | 10.465.09 |
| Vba32 AntiVirus | Trojan.MSIL.Disfa | 3.12.26.4 |
| VIPRE Antivirus | Threat.4799966 | 43798 |

File size:
23.5 KB (24,064 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
10/9/2015 11:29:11 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:Qc68yCasVKDh3OQyNpsQ1im/VjJs+PyR46vg5J++p57nhmRvR6JZlbw8hqIusZzW:2873Kt+QesGN/VjZPQRpcnuj

Entry address:
0x74AE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
5.5315

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)
