server.exe

The executable server.exe has been detected as malware by 36 anti-virus scanners. This backdoor trojan may be used to conduct distributed denial-of-service attacks, to install additional trojans or other forms of malicious software, and to steal sensitive information.
MD5:
81e650a3b9257dcd86e3df93160727c1

SHA-1:
e66d562839bb6b634afe5a678b9d5172c1ae617d

SHA-256:
4de84a73f90891c2671018482c913cccd62d4483627ebaaedbe0196ae1ac1841

Scanner detections:
36 / 68

Status:
Malware

Analysis date:
5/6/2024 6:04:41 AM UTC

Scan engine                    Detection                         Engine version
Lavasoft Ad-Aware              Gen:Variant.Zusy.75290            786
AegisLab AV Signature          Troj.W32.Gen                      2.1.4+
Agnitum Outpost                Trojan.Agent                      7.1.1
AhnLab V3 Security             Win-Trojan/Zbot.24064             2014.11.06
Avira AntiVirus                TR/Dropper.Gen7                   7.11.183.62
avast!                         MSIL:GenMalicious-AV [Trj]        2014.9-141210
AVG                            PSW.ILUSpy                        2015.0.3264
Baidu Antivirus                Trojan.Win32.Generic              4.0.3.141210
Bitdefender                    Gen:Variant.Zusy.75290            1.0.20.1720
Comodo Security                Backdoor.MSIL.Bladabindi.A        19997
Dr.Web                         BackDoor.Bladabindi.1056          9.0.1.0344
Emsisoft Anti-Malware          Gen:Variant.Zusy.75290            8.14.12.10.03
ESET NOD32                     MSIL/Bladabindi.BC (variant)      8.10675
Fortinet FortiGate             MSIL/Bladabindi.Q!tr              12/10/2014
F-Prot                         W32/MSIL_Bladabindi.G.gen         v6.4.7.1.166
F-Secure                       Gen:Variant.Zusy.75290            11.2014-10-12_4
G Data                         Gen:Variant.Zusy.75290            14.12.24
IKARUS anti.virus              Backdoor.MSIL                     t3scan.1.8.3.0
K7 AntiVirus                   Trojan                            13.185.13888
Kaspersky                      HEUR:Trojan.Win32.Generic         14.0.0.2817
Malwarebytes                   Backdoor.Bladabindi.Gen           v2014.12.10.03
McAfee                         BackDoor-NJRat!81E650A3B925       5600.6920
Microsoft Security Essentials  Backdoor:MSIL/Bladabindi.AJ       1.11104
MicroWorld eScan               Gen:Variant.Zusy.75290            15.0.0.1032
NANO AntiVirus                 Trojan.Win32.DownLoader11.cxfbrl  0.28.6.62995
Norman                         Bladabindi.JQ                     11.20141210
nProtect                       Trojan/W32.Agent.24064.UH         14.11.05.01
Qihoo 360 Security             Win32/Trojan.Dropper.fae          1.0.0.1015
Quick Heal                     Backdoor.Bladabindi.AL3           12.14.14.00
Sophos                         Troj/DotNet-P                     4.98
SUPERAntiSpyware               Trojan.Agent/Gen-Bladabindi       10186
Total Defense                  Win32/DotNetDl.A!generic          37.0.11264
Trend Micro                    BKDR_BLBINDI.SMN                  10.465.10
Vba32 AntiVirus                Trojan.MSIL.Disfa                 3.12.26.3
VIPRE Antivirus                Backdoor.MSIL.Bladabindi.a        34536
Zillya! Antivirus              Trojan.Disfa.Win32.10565          2.0.0.1976

File size:
23.5 KB (24,064 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\server.exe

File PE Metadata
Compilation timestamp:
6/10/2014 9:05:53 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
384:j8aLWS0dABLYVq6RxP8MDFF09vK563gRMmJKUv0mRvR6JZlbw8hqIusZzZ8kP:oXcwt3tRpcnuJ+

Entry address:
0x747E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
21.5 KB (22,016 bytes)
