servercore.exe

Jiajie Yin

The application servercore.exe by Jiajie Yin has been detected as adware by 3 anti-malware scanners.
Publisher:
Jiajie Yin  (signed and verified)

MD5:
5cebb6106b7207f07ae500a8d3cb7807

SHA-1:
248e9c0db5cc9f7e45adc8a3e30e423152b52ecb

SHA-256:
9be1f2e0b82d00a51ffc839cd4aa3553dd20585f818a3a6b16ea4ef6c5001e43

Scanner detections:
3 / 68

Status:
Adware

Analysis date:
4/18/2024 11:22:25 AM UTC

Scan engine | Detection | Engine version
AVG | Jiajie | 2016.0.3207
Qihoo 360 Security | HEUR/QVM20.1.Malware.Gen | 1.0.0.1015
Reason Heuristics | PUP.JiajieYin | 15.2.6.0

File size:
26.3 KB (26,928 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\application installer\servercore.exe

Digital Signature
Signed by:

Authority:
WoSign CA Limited

Valid from:
5/14/2014 2:16:39 PM

Valid to:
5/15/2015 2:16:39 PM

Subject:
CN=Jiajie Yin, E=cpa.baidu@gmail.com, L=桂林市, S=广西壮族自治区, C=CN

Issuer:
CN=WoSign Class 2 Code Signing CA, O=WoSign CA Limited, C=CN

Serial number:
3F13D1662B5F2172EF525E77D131CC4E

File PE Metadata
Compilation timestamp:
2/2/2015 3:41:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
384:6AnK8spqOZAM/j60RI7k+sqnH8IRKHAufnYPqmtHjHG2qygZTKLJfyXNh/bq1VGo:6AK8scMxR0kUDtufnittDG2qTUKbqRx

Entry address:
0x31C1

Entry point:
55, 8B, EC, 51, 51, 8D, 45, F8, C7, 45, F8, 75, 72, 6C, 6D, 50, C7, 45, FC, 6F, 6E, 00, 00, FF, 15, D0, 40, 40, 00, A3, E8, 5E, 40, 00, E8, 5D, FB, FF, FF, 6A, 00, FF, 15, B8, 40, 40, 00, B8, 30, 3D, 40, 00, E8, 86, 08, 00, 00, 83, EC, 44, 53, 8B, 5D, 0C, 56, 57, 6A, 10, 33, F6, 59, 33, C0, 8D, 7D, B4, 6A, 10, 56, 53, F3, AB, C7, 45, B0, 44, 00, 00, 00, C7, 45, DC, 01, 00, 00, 00, 66, 89, 75, E0, C7, 45, B8, D0, 55, 40, 00, E8, 09, 0A, 00, 00, 83, C4, 0C, 8D, 4D, 0C, E8, 0A, E6, FF, FF, FF, 75, 08, 8D, 4D...
 

Entropy:
6.5473

Developed / compiled with:
Microsoft Visual C++

Code size:
11.5 KB (11,776 bytes)
