svc.exe

{5A84487E-52EC-44FA-93C1-52C2DCFE2456}

The executable svc.exe has been detected as malware by 27 anti-virus scanners.
Publisher:

MD5:
7ba716c08fde5c165b261b2e2612567a

SHA-1:
14957742f5af56c6de1e5b97452149f051229afa

SHA-256:
917cf0d0eec98695a1182a019c0e43d9e9c6f6163c36a1c1a1d271a4e4309e46

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
4/24/2024 4:57:08 AM UTC

Scan engine             Detection                    Engine version
Lavasoft Ad-Aware       Trojan.GenericKD.1641336     985
Agnitum Outpost         Trojan.Injector              7.1.1
AhnLab V3 Security      Spyware/Win32.Limitail       2014.05.25
Avira AntiVirus         TR/Injector.dij.11           7.11.151.92
avast!                  Win32:Malware-gen            2014.9-140525
AVG                     Zbot                         2015.0.3463
Baidu Antivirus         Trojan.MSIL.Injector         4.0.3.14525
Bitdefender             Trojan.GenericKD.1641336     1.0.20.725
Comodo Security         UnclassifiedMalware          18318
Emsisoft Anti-Malware   Trojan.GenericKD.1641336     8.14.05.25.04
ESET NOD32              MSIL/Injector.DJL (variant)  8.9844
Fortinet FortiGate      MSIL/Injector.DIJ!tr         5/25/2014
F-Secure                Trojan.GenericKD.1641336     11.2014-25-05_1
G Data                  Trojan.GenericKD.1641336     14.5.24
IKARUS anti.virus       Trojan.SuspectCRC            t3scan.1.6.1.0
K7 AntiVirus            Trojan                       13.178.12184
Malwarebytes            Trojan.Inject                v2014.05.25.04
McAfee                  PWSZbot-FXD!7BA716C08FDE     5600.7119
MicroWorld eScan        Trojan.GenericKD.1641336     15.0.0.435
Norman                  Troj_Generic.TNVXQ           11.20140525
nProtect                Trojan.GenericKD.1641336     14.05.23.01
Panda Antivirus         Trj/CI.A                     14.05.25.04
Qihoo 360 Security      Win32/Trojan.670             1.0.0.1015
Sophos                  Mal/Cleaman-B                4.98
Trend Micro House Call  TROJ_GEN.R0CBC0PDL14         7.2.145
Trend Micro             TROJ_GEN.R0CBC0PDL14         10.465.25
VIPRE Antivirus         Trojan.Win32.Generic         29552

File size:
192.1 KB (196,672 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\malware\malwaredomainlist\svc.exe

Digital Signature
Authority:
{5A84487E-52EC-44FA-93C1-52C2DCFE2456}

Valid from:
4/9/2014 11:24:48 PM

Valid to:
4/10/2015 5:24:48 AM

Subject:
CN={5A84487E-52EC-44FA-93C1-52C2DCFE2456}

Issuer:
CN={5A84487E-52EC-44FA-93C1-52C2DCFE2456}

Serial number:
6DB8BC1AE91B0D9041D4181B8FB471D0

File PE Metadata
Compilation timestamp:
4/13/2014 5:10:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
3072:o137Pbr5+oTgEFnCRLeAlcZfRnA1xXbYeERYRrGGniQOQO8GvsSnOHaUGvAtDIM:K37sdhrbYNRsSGiQWVnOHaUDDIM

Entry address:
0x30AEE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
Entropy:
6.2882

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
187 KB (191,488 bytes)