StrongholdAntiMalware.exe

Stronghold AntiMalware

Security Stronghold LLC

The application StrongholdAntiMalware.exe by Security Stronghold has been detected as a potentially unwanted program by 1 anti-malware scanner, with very strong indications that the file is a potential threat. It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘Stronghold AntiMalware’. This file is typically installed with the program Stronghold AntiMalware by Security Stronghold, which is a potentially unwanted software program.
Publisher:
Security Stronghold  (signed by Security Stronghold LLC)

Product:
Stronghold AntiMalware

Version:
1.2.0.24

MD5:
8b043c077096a371ce9b6b01827d281e

SHA-1:
74aa870e29a49a60df7ee57314d0816ca5fa5a2b

SHA-256:
feca6a75e472f81650d3b1cde778b4893d13260fa196d48d01d3a878107068ef

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 2:17:30 PM UTC

Scan engine:
Reason Heuristics

Detection:
Win32.Generic.SecurityStronghold.Meta

Engine version:
15.7.2.13

File size:
7.1 MB (7,412,384 bytes)

Product version:
1.2.0.24

Copyright:
Copyright 2003-2015 Security Stronghold

Original file name:
StrongholdAntiMalware.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\stronghold antimalware\strongholdantimalware.exe

Digital Signature
Authority:
GlobalSign nv-sa

Valid from:
11/14/2014 7:59:35 AM

Valid to:
1/11/2016 10:49:56 AM

Subject:
E=manager@securitystronghold.com, CN=Security Stronghold LLC, O=Security Stronghold LLC, L=Astrakhan, C=RU

Issuer:
CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121429E972F949C65D48148980A12CEE76F

File PE Metadata
Compilation timestamp:
7/1/2015 12:21:01 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:XjMjwAgABDd/tEFEZ6yHrajM2DMkCT0xlRw5S6V:XjBAzld/tEaHrFkZ7wcC

Entry address:
0x56DF98

Entry point:
55, 8B, EC, B9, 08, 00, 00, 00, 6A, 00, 6A, 00, 49, 75, F9, 53, 56, 57, B8, 60, A0, 95, 00, E8, 78, F6, A9, FF, 8B, 35, 10, A1, 9B, 00, 33, C0, 55, 68, ED, E5, 96, 00, 64, FF, 30, 64, 89, 20, E8, 2F, 9C, FD, FF, 8B, 06, E8, D4, 49, BF, FF, 8B, 06, 33, D2, E8, C3, 43, BF, FF, 8B, 06, BA, 08, E6, 96, 00, E8, B7, 43, BF, FF, 8D, 45, EC, E8, 9B, 8E, C0, FF, 8D, 45, EC, BA, 44, E6, 96, 00, E8, 5A, BE, A9, FF, 8B, 45, EC, E8, D2, DA, CF, FF, 84, C0, 0F, 84, 5F, 02, 00, 00, B8, 64, E6, 96, 00, E8, 80, 3A, C4, FF...
Entropy:
6.6437

Developed / compiled with:
Microsoft Visual C++

Code size:
5.4 MB (5,688,320 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
Stronghold AntiMalware

Command:
C:\Program Files\stronghold antimalware\strongholdantimalware.exe


The file StrongholdAntiMalware.exe has been discovered within the following program.

Stronghold AntiMalware  by Security Stronghold
Publisher's description - “Stronghold Antivirus is a lightweight and user-friendly antivirus and antimalware for everyday use both at home and in the office. Unlike other antiviruses it doesn't consume a lot of resources, it doesn't confuse you with difficult to understand windows and complex options.”
www.securitystronghold.com/stronghold-antivirus
65% remove it

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to server.ssh2datastore.com  (64.37.59.154:80)

TCP (HTTP SSL):
Connects to ns2.vistaglance.com  (66.7.217.41:443)

TCP (HTTP):
Connects to ns1.vistaglance.com  (66.7.217.40:80)
