home

smartswitchservice.exe

It runs as a separate (within the context of its own process) windows Service named “Lenovo Smart Switch”.
MD5:
4c0ba618ffd9341b789a49c6d3e9ac59

SHA-1:
6835bb9ba5ac8d8848f6981ef4ae7d54c9440bcd

SHA-256:
e88663a094ae8d0ff89f5df0d5c0cdbd774304552cb50320c3f233b34dc22aea

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/19/2024 10:29:28 PM UTC  (today)

Scan engine
Detection
Engine version

Sophos
Mal/Behav-204
4.98

Trend Micro House Call
Suspicious_GEN.F47V0324
7.2.91

File size:
109.5 KB (112,128 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\smartswitchservice.exe

File PE Metadata
Compilation timestamp:
9/27/2014 6:49:11 PM

OS version:
6.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
12.0

CTPH (ssdeep):
1536:aVdVlR3DseN4g4Qm+zQx0/idbtAPQVU0HFPcjLSsWjcdJn3CVRP9z:WxgS4xSQx0WVU0HFcLdJn3CVRR

Entry address:
0x3ACD

Entry point:
E8, 28, 52, 00, 00, E9, 7B, FE, FF, FF, 55, 8B, EC, FF, 15, 54, 31, 41, 00, 6A, 01, A3, 84, B6, 41, 00, E8, F2, 53, 00, 00, FF, 75, 08, E8, 9A, 57, 00, 00, 83, 3D, 84, B6, 41, 00, 00, 59, 59, 75, 08, 6A, 01, E8, D8, 53, 00, 00, 59, 68, 09, 04, 00, C0, E8, 68, 57, 00, 00, 59, 5D, C3, 55, 8B, EC, 81, EC, 24, 03, 00, 00, 6A, 17, E8, C4, DD, 00, 00, 85, C0, 74, 05, 6A, 02, 59, CD, 29, A3, 68, B4, 41, 00, 89, 0D, 64, B4, 41, 00, 89, 15, 60, B4, 41, 00, 89, 1D, 5C, B4, 41, 00, 89, 35, 58, B4, 41, 00, 89, 3D, 54...
 
[+]

Entropy:
6.3581

Code size:
72 KB (73,728 bytes)

Service
Display name:
Lenovo Smart Switch

Service name:
SMARTSWITCH

Description:
Lenovo Smart Switch Client Service

Type:
Win32OwnProcess


Scan smartswitchservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.