sparkrc-connector.exe_636116422877656250

RealVNC

The file sparkrc-connector.exe_636116422877656250 has been detected as malware by 3 anti-virus scanners.
Publisher:
RealVNC  (signed and verified)

MD5:
f17a0d8373371b22c3ca53797f1e47c3

SHA-1:
36c924bf77b336c6cf0ab17b778eaec2be6523a4

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
5/28/2018 7:52:07 AM UTC  (today)

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| ESET NOD32 | Win32/RiskWare.PEMalform.E application | 6.3.12010.0 |
| F-Prot | W32/Graftor.B.gen | 4.6.5.141 |
| Reason Heuristics | Threat.Win.Reputation (M) | 16.11.20.15 |

File size:
2.2 MB (2,338,816 bytes)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\sparkrc-connector.exe_636116422877656250

Digital Signature
Signed by:

Authority:
RealVNC

Valid from:
2/10/2011 5:21:38 AM

Valid to:
2/7/2021 5:21:38 AM

Subject:
CN=RootCA:Root 004, O=RealVNC

Issuer:
CN=RootCA:Root 004, O=RealVNC

Serial number:
00998EDF0EA60E1E30

File PE Metadata
Compilation timestamp:
1/27/2011 11:43:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
24576:aftKh+mWSm5bQtsJ9KdmYw6J2xpDQQFeoxuvwJCcV/sQFaj23Fj+6xUbOWbjF680:aft4Wtor2xpDQQFe47JtVBRyPdbj41

Entry address:
0xA6D57

Entry point:
E8, 35, 0B, 05, FD, E9, 35, 0A, 5B, 9D, 6A, 0A, 6A, 00, FF, 74, 24, 0C, E8, 35, 0A, 5A, E5, 83, C4, 0C, C3, E9, 35, 0A, 5D, 5D, 55, 8B, EC, 83, EC, 10, 8B, 4D, 08, 53, 8B, 5D, 0C, 56, 57, 33, FF, 39, 7D, 10, 89, 4D, F8, 89, 5D, FC, 74, 21, 39, 7D, 14, 74, 1C, 3B, CF, 75, 1F, E8, 35, 0A, B6, D3, 57, 57, 57, 57, C7, 00, 16, 00, 00, 00, 57, E8, 35, 0A, 46, 35, 83, C4, 14, 33, C0, 5F, 5E, 5B, C9, C3, 8B, 75, 18, 3B, F7, 74, 0D, 83, C8, FF, 33, D2, F7, 75, 10, 39, 45, 14, 76, 21, 83, FB, FF, 74, 0B, 53, 57, 51...
 

Entropy:
6.1987

Code size:
1.3 MB (1,413,120 bytes)
