smss.exe

smss

Ts Security System - Segurança em Sistemas Ltda

The executable smss.exe has been detected as malware by 18 anti-virus scanners. It runs as a scheduled task under the Windows Task Scheduler triggered by a time event.
Publisher:
TS Security System (signed by Ts Security System - Segurança em Sistemas Ltda)

Product:
smss

Version:
1.00.0033

MD5:
425e3ae8dfec4bf1d6ca5e1dccf9d129

SHA-1:
ba8f868de8d5d411b06d29dccdac5e5dcf42225f

SHA-256:
90ef4abe4ab9749096b5f2b9b3cc5de7005782e4049f6bcc0e82ded14e8fb63e

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
4/26/2024 5:29:28 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.7926913 | 1139 |
| AhnLab V3 Security | Malware/Win32.Generic | 2013.12.28 |
| Bitdefender | Trojan.Generic.7926913 | 1.0.20.1780 |
| Comodo Security | UnclassifiedMalware | 17507 |
| Emsisoft Anti-Malware | Trojan.Generic.7926913 | 8.13.12.22.04 |
| ESET NOD32 | Win32/SPYWORK (variant) | 7.9190 |
| Fortinet FortiGate | W32/Vb!tr | 12/22/2013 |
| F-Prot | W32/VB-Wird-based | v6.4.7.1.166 |
| F-Secure | Trojan.Generic.7926913 | 11.2013-22-12_1 |
| G Data | Trojan.Generic.7926913 | 13.12.22 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.174.10656 |
| McAfee | Generic VB | 5600.7273 |
| MicroWorld eScan | Trojan.Generic.7926913 | 14.0.0.1068 |
| Panda Antivirus | Generic Malware | 13.12.22.04 |
| Trend Micro House Call | TROJ_GEN.RCBCEJS | 7.2.356 |
| Trend Micro | TROJ_GEN.RCBCEJS | 10.465.22 |
| VIPRE Antivirus | Trojan.Win32.Generic | 24802 |

File size:
169.6 KB (173,672 bytes)

Product version:
1.00.0033

Copyright:
TS Security System

Trademarks:
© TS Security System. All rights reserved.

Original file name:
smss.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\ts security\smss.exe

Digital Signature
Authority:
COMODO CA Limited

Valid from:
8/29/2012 9:00:00 PM

Valid to:
8/30/2013 8:59:59 PM

Subject:
CN=Ts Security System - Segurança em Sistemas Ltda, OU=winmonitor, O=Ts Security System - Segurança em Sistemas Ltda, STREET=Rua Major Carvalho Filho 1321 Casa a, L=Araraquara, S=São Paulo, PostalCode=14801280, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00B5ED4793C94E41E8FE5C716CA98C3B32

File PE Metadata
Compilation timestamp:
8/17/2012 1:32:51 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:OcVo+v0q67hDB1vk03n63Tj4xGGXhkGE6TolRwai0lU:bVZv0qOFhYTJlRC

Entry address:
0x12E8

Entry point:
68, A4, 19, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 38, 00, 00, 00, 00, 00, 00, 00, 06, A1, 79, BA, 75, 13, EE, 4D, 82, ED, 23, 8A, 60, AE, C7, 18, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 2D, 43, 30, 30, 30, 2D, 73, 6D, 73, 73, 00, 30, 30, 30, 00, 00, 00, 00, FF, CC, 31, 00, 06, 7E, ED, 65, 55, F6, 1B, 44, 4E, 9D, 41, 87, 10, 50, 85, 10, 68, 69, 8F, BB, C7, 74, 77, 5A, 43, 86, 6B, 32, 22, F2, 08, 6B, AA, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00, AA, 00, 60, D3, 93, 00, 00, 00...
 

Developed / compiled with:
Microsoft Visual Basic v5.0/v6.0

Code size:
156 KB (159,744 bytes)

Scheduled Task
Task name:
{E07CA5E0-F6A0-4375-938F-CFA31DD10E4A-TSSystemTaskMachine}

Trigger:
Time (Next runs on 22/12/2013 at 20:03)

