» smrtwk.exe
Overview
Analysis
File Details

smrtwk.exe

SmartTeck

The executable smrtwk.exe has been detected as malware by 20 anti-virus scanners.

File name:

smrtwk.exe

Publisher:

SmartTeck Inc. (signed by SmartTeck)

Description:

SmartTweak

Version:

0.1.22.4

MD5:

007cc87ee99096cec311f4b0fbed67c2

SHA-1:

679f768e02ca78dfe624b7861ae8ddf0cdfdf6ac

SHA-256:

f4185b2dc42b07fe1d9513fa578060b1ccc4d8b4ad4d1a850ce4c37e5ebe8f3f

Scanner detections:

20 / 68

Status:

Malware

Analysis date:

4/26/2024 5:31:36 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Rogue.1502874

7.11.137.202

AVG

Agent4

2015.0.3495

Baidu Antivirus

Trojan.Win32.MultiPacked

4.0.3.14423

Bkav FE

HW32.CDB

1.3.0.4959

Comodo Security

UnclassifiedMalware

17951

ESET NOD32

Win32/Agent.VPR

8.9558

Fortinet FortiGate

W32/Multi.MULTIPACKED

4/23/2014

F-Prot

W32/NewMalware-LSU-based!Maximu

v6.4.7.1.166

IKARUS anti.virus

Trojan.SuspectCRC

t3scan.2.2.29

K7 AntiVirus

Riskware

13.176.11482

Kaspersky

Packed.Multi.MultiPacked

14.0.0.3971

McAfee

Artemis!007CC87EE990

5600.7151

NANO AntiVirus

Trojan.Win32.Rogue.cucxzz

0.28.0.58491

Norman

Troj_Generic.SDWMB

11.20140423

Qihoo 360 Security

HEUR/Malware.QVM18.Gen

1.0.0.1015

Quick Heal

Trojan.Multi.MultiTrojan.gen

4.14.12.00

Sophos

Mal/Generic-S

4.98

Trend Micro House Call

TROJ_SPNR.35BH14

7.2.113

Trend Micro

TROJ_SPNR.35BH14

10.465.23

VIPRE Antivirus

Trojan.Win32.Generic

27514

File size:

406.2 KB (415,936 bytes)

Product version:

0.1.1.65

SmartTeck Inc.

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\appdata\local\temp\smrtwk.exe

Digital Signature

Signed by:

SmartTeck

Authority:

SmartTeck

Valid from:

1/20/2013 12:00:00 AM

Valid to:

2/12/2014 12:00:00 AM

Subject:

CN=SmartTeck

Issuer:

CN=SmartTeck

Serial number:

5F70EDBFA3673C904174BD3A825926DF

File PE Metadata

Compilation timestamp:

1/6/2014 3:22:37 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

5.0

CTPH (ssdeep):

6144:qtoXfspuQ/XmYeOnzmG4/JNZOUrECHCAmOrpgQcnUCbhjo:q6AuQ/X6WzE/vZHqOrpCLhjo

Entry address:

0x117000

Entry point:

55, 89, E5, E8, 02, 00, 00, 00, C9, C3, 90, 90, 45, 58, 45, 68, 87, B2, 4F, 00, C3, 00, 00, 00, A8, 0A, 00, 00, 00, 02, 02, 00, 30, 82, 0A, 99, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 0A, 8A, 30, 82, 0A, 86, 02, 01, 01, 31, 0E, 30, 0C, 06, 08, 2A, 86, 48, 86, F7, 0D, 02, 05, 05, 00, 30, 67, 06, 0A, 2B, 06, 01, 04, 01, 82, 37, 02, 01, 04, A0, 59, 30, 57, 30, 33, 06, 0A, 2B, 06, 01, 04, 01, 82, 37, 02, 01, 0F, 30, 25, 03, 01, 00, A0, 20, A2, 1E, 80, 1C, 00, 3C, 00, 3C, 00, 3C, 00, 4F, 00, 62, 00... 
[+]

Entropy:

7.1323

Packer / compiler:

PseudoSigner 0.1MinGW GCC, 0x2.x

Code size:

712 KB (729,088 bytes)

Remove smrtwk.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.