home

server.exe

The executable server.exe has been detected as malware by 4 anti-virus scanners.
MD5:
49c57cd9fe9991554702053a9e376813

SHA-1:
7a5cf36affb1fb2f6b085be069c95cb20ba2c352

SHA-256:
097f1417f84853157fb8899974870f9bf397f9ddb29608bb987110735772325f

Scanner detections:
4 / 68

Status:
Malware

Analysis date:
4/23/2024 1:56:20 PM UTC  (today)

Scan engine
Detection
Engine version

ESET NOD32
MSIL/Bladabindi.Q trojan
7.0.302.0

IKARUS anti.virus
Backdoor.MSIL
t3scan.1.6.1.0

Rising Antivirus
PE:Backdoor.MSIL.Bladabindi!1.9DE6
23.00.65.14723

VIPRE Antivirus
Threat.4799966
31208

File size:
1006.5 KB (1,030,656 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
7/25/2014 6:37:59 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:UtiR8/vo2niOGSHcO7YhtLc/9BufigxXj5e+rfXYW:CRiH67v94EIXY

Entry address:
0x7ED2E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.6398

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
499.5 KB (511,488 bytes)

Remove server.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.