home

smss.exe

Windows Oturum Yöneticisi

SELCUK GUNDOGDU

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable smss.exe, “Windows Oturum Yöneticisi” has been detected as malware by 1 anti-virus scanner.
Publisher:
Microsoft Corporation  (signed by SELCUK GUNDOGDU)

Product:
Microsoft® Windows® Operating System

Description:
Windows Oturum Yöneticisi

Version:
6.1.7600.16385

MD5:
ddc7d7f2182a48b11f4343c60ba14f21

SHA-1:
dd5720e2a2c12399bb390f3d81983130a95513de

SHA-256:
3960f3e8509ba780e3065592fcc9df3834a759e59c84fd413ab33fdee9a906e1

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
5/19/2024 8:00:50 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.3.9.3

File size:
137.7 KB (141,024 bytes)

Product version:
6.1.7600.16385

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
smss.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\ProgramData\windows\smss.exe

Digital Signature
Signed by:
SELCUK GUNDOGDU

Authority:
COMODO CA Limited

Valid from:
3/13/2015 2:00:00 AM

Valid to:
3/13/2016 1:59:59 AM

Subject:
CN=SELCUK GUNDOGDU, O=SELCUK GUNDOGDU, STREET=Esentepe mah dergiler sok no 25 deal plaza, L=ISTANBUL, S=SISLI, PostalCode=34394, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C33187FE848A65E8484EA492CB2CBB18

File PE Metadata
Compilation timestamp:
10/29/2015 1:59:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x2249E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
129.5 KB (132,608 bytes)

Remove smss.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.