home

svchostanalyzer.exe

Svchost Process Analyzer

A. & M. Neuber Software

This is a setup program which is used to install the application. The file has been seen being downloaded from neuber.com and multiple other hosts.
Publisher:
Neuber Software  (signed by A. & M. Neuber Software)

Product:
Svchost Process Analyzer

Version:
1.1.0.44

MD5:
0128c472d70b46ec103f993b5bad3120

SHA-1:
e496b4a11ba8672e0f847e3956c43bde2884c586

SHA-256:
8e43b05b445c718d2ef22d4370e25d021ee1bbcfd6fee034daa3cf5215da7640

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/18/2024 10:16:13 PM UTC  (today)

File size:
527.1 KB (539,712 bytes)

Product version:
1.1.0.0

Copyright:
Copyright (c) 2009 Neuber Software

Original file name:
svchost-analyzer.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\svchostanalyzer.exe

Digital Signature
Signed by:
A. & M. Neuber Software

Authority:
Symantec Corporation

Valid from:
4/23/2015 9:00:00 AM

Valid to:
6/22/2018 8:59:59 AM

Subject:
CN=A. & M. Neuber Software, O=A. & M. Neuber Software, L=Halle, S=Sachsen-Anhalt, C=DE

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
3D42E406CF5E4F4C9C8C05854C07297F

File PE Metadata
Compilation timestamp:
6/20/1992 7:22:17 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:F/gpbs6mpts7uEZhJ/oSeLJrcGzqxEVLW1meyUGp8bv+zd2+:F/ws6cCaEZr/feSGTW1HGyz+d

Entry address:
0x1000

Entry point:
68, 01, 20, 4D, 00, E8, 01, 00, 00, 00, C3, C3, 95, BA, 57, 9D, C1, 80, 3E, 34, 90, 21, 85, A7, 1B, 9E, A6, 3C, 9C, D5, 86, 63, D0, DA, 35, 77, BD, 7C, 00, 84, 25, DC, F1, A7, 54, C3, 15, 43, D4, 95, 34, 5D, 16, B1, C1, EF, AB, F4, BC, FB, 1E, F4, E3, 92, B4, 3F, 1A, DA, 74, 14, 88, 8E, 08, 7F, 95, D2, 4E, 58, A3, 24, E1, D2, 95, C9, 0E, F5, 30, 9E, BF, 5B, A7, D8, C1, 97, DB, 7C, 91, D7, 8D, BE, E1, 4C, E2, 6D, 79, CF, 2C, BF, 76, CA, 66, 2E, 45, 32, 92, 8B, 34, 5F, C9, 60, 4B, C9, 99, 09, C2, CF, 61, 59...
 
[+]

Entropy:
7.6988

Packer / compiler:
ASProtect v1.2x (New Strain)

Code size:
442.5 KB (453,120 bytes)

The file svchostanalyzer.exe has been seen being distributed by the following 2 URLs.

http://neuber.com/free/.../SvchostAnalyzer.exe

http://www.neuber.com/.../SvchostAnalyzer.exe

Scan svchostanalyzer.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.