» ssget.exe
Overview
Analysis
File Details
Behaviors (1)

ssget.exe

It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘Download’.

File name:

ssget.exe

Version:

1.0.0.0

MD5:

3c8fb6240d358e712d905040b17ab2a2

SHA-1:

cb98d89ad7419b3ba076e14ecda95ae53d98138d

Scanner detections:

1 / 68

Status:

Clean (1 probable false positive detection)

Explanation:

This is mosty likely a false positive detection, the file is probably clean.

Analysis date:

7/6/2025 3:37:42 PM UTC (today)

Scan engine

Detection

Engine version

Comodo Security

Heur.Suspicious

17713

File size:

964.5 KB (987,648 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

English (United States)

Common path:

C:\Documents and Settings\{user}\Application data\supportsoft\ddoctorv2\owner\ssget.exe

File PE Metadata

Compilation timestamp:

6/19/1992 6:22:17 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

12288:hwu4kaWLyPbibv2IwE0+LbAtbOPk+dJdkI:OudabPGbVwRiAt2k+dJdk

Entry address:

0x743F8

Entry point:

55, 8B, EC, 83, C4, F0, B8, A0, 40, 47, 00, E8, 7C, 20, F9, FF, E8, 27, FA, FF, FF, 84, C0, 75, 57, E8, 26, FB, FF, FF, 84, C0, 74, 4E, A1, 48, 6A, 47, 00, 8B, 00, E8, 5A, 2D, FE, FF, A1, 48, 6A, 47, 00, 8B, 00, BA, 7C, 44, 47, 00, E8, 41, 29, FE, FF, A1, 48, 6A, 47, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, 30, 67, 47, 00, A1, 48, 6A, 47, 00, 8B, 00, 8B, 15, B8, 1D, 47, 00, E8, 3E, 2D, FE, FF, A1, 48, 6A, 47, 00, 8B, 00, E8, B2, 2D, FE, FF, EB, 05, E8, 4B, F8, FF, FF, E8, 5A, FF, F8, FF, 00, 00, FF, FF, FF, FF... 
[+]

Entropy:

4.9863

Developed / compiled with:

Microsoft Visual C++

Code size:

461.5 KB (472,576 bytes)

Startup File (User Run)

Registry location:

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:

Download

Command:

"C:\Documents and Settings\{user}\Application data\supportsoft\ddoctorv2\owner\ssget.exe" 120 "httC:\pcmctbc.cmc.motive.com\motivedocs\easysolveinstaller.exe" "easysolveinstaller.exe"

Scan ssget.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.