structuredquery.exe

The executable structuredquery.exe has been detected as malware by 15 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.
MD5:
dd306e9ff5cc38086824ad94d3f7e87d

SHA-1:
ffbf7a35261ee9ed16cf4c04163abadc513e114e

SHA-256:
3bd8e5328197743ea1429ad9e3ef2d3b225292381cde72960518a0940f270198

Scanner detections:
15 / 68

Status:
Malware

Analysis date:
4/19/2024 10:50:58 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| AhnLab V3 Security | Backdoor/Win32.Androm | 2013.08.29 |
| Avira AntiVirus | BDS/Androm.aoeh | 7.11.98.174 |
| avast! | MSIL:Injector-DB [Trj] | 2014.9-140424 |
| AVG | Downloader.MSIL | 2015.0.3495 |
| Comodo Security | UnclassifiedMalware | 16840 |
| Dr.Web | BackDoor.Blackshades.17 | 9.0.1.0114 |
| ESET NOD32 | MSIL/Injector.BPM (variant) | 8.8739 |
| Fortinet FortiGate | MSIL/Injector.WWP!tr | 4/24/2014 |
| IKARUS anti.virus | Trojan-Downloader | t3scan.2.0.127 |
| Kaspersky | Backdoor.Win32.Androm | 14.0.0.3968 |
| McAfee | Artemis!DD306E9FF5CC | 5600.7151 |
| Panda Antivirus | Trj/CI.A | 14.04.24.09 |
| Sophos | Mal/Generic-S | 4.91 |
| Trend Micro House Call | TROJ_GEN.R0C1H01GE13 | 7.2.114 |
| VIPRE Antivirus | Trojan.Win32.Generic | 20970 |

File size:
3.9 MB (4,081,152 bytes)

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\templates\structuredquery.exe

File PE Metadata
Compilation timestamp:
7/6/2013 11:26:57 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:qBjnwEq3/ziRHcJLLPSNyT54baZ6K1R9tD3RvzU56rSn2u+OWFFOvGIfh0pDaTWa:qBLt/C4baUeR9BBI

Entry address:
0x3DF28E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Entropy:
7.0598

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
3.9 MB (4,051,968 bytes)
