svhost.exe
Supersoft
The application svhost.exe by Supersoft has been detected as adware by 16 anti-malware scanners. Accoriding to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials, and banking details) from a compromised computer and send it to online criminals via a command-and-control server.
MD5:
8cfda3e111b37744b439127a2b21b772
SHA-1:
e49a69d041bd4f3c8627ca8a20ee85e2b8bc94db
SHA-256:
162b21e1b541dfadc1f08fc6300dd2ab3179cd74d1b831e2024a4bf17d52cb39
Scanner detections:
16 / 68
Analysis date:
3/28/2024 10:34:17 PM UTC (today)
Scan engine
Detection
Engine version
Lavasoft Ad-Aware
Gen:Variant.Kazy.417301
5835096
AhnLab V3 Security
Trojan/Win32.Zbot
2014.11.26
avast!
Win32:Zbot-UHB [Trj]
141119-1
Bitdefender
Gen:Variant.Kazy.417301
1.0.20.1645
Emsisoft Anti-Malware
Gen:Variant.Kazy.417301
9.0.0.4570
ESET NOD32
Win32/Injector.BIAH.Gen trojan
7.0.302.0
Fortinet FortiGate
W32/Kryptik.AHOB!tr
11/25/2014
F-Secure
Gen:Variant.Kazy.417301
11.2014-25-11_3
G Data
Gen:Variant.Kazy.417301
14.11.24
Kaspersky
HEUR:Trojan.Win32.Generic
14.0.0.2892
McAfee
PWSZbot-FAAY!8CFDA3E111B3
5600.6935
MicroWorld eScan
Gen:Variant.Kazy.417301
15.0.0.987
Reason Heuristics
PUP.Supersoft.G
14.11.25.11
Rising Antivirus
PE:Malware.Obscure!1.9C59
23.00.65.141123
Vba32 AntiVirus
BScope.Malware-Cryptor.Zbot.2694
3.12.26.3
File size:
239.7 KB (245,408 bytes)
File type:
Executable application (Win32 EXE)
Common path:
C:\users\{user}\downloads\d3dlock 1.7\d3dlock 1.7\svhost.exe
Valid from:
9/30/2012 10:26:38 AM
Valid to:
1/1/2040 12:59:59 AM
Serial number:
6B50254A40C7CFB14A405056B8F04272
Compilation timestamp:
1/29/2009 12:38:54 AM
CTPH (ssdeep):
6144:WJ3ec184vx0H+leGXFkRCqFiWniZHB2xX31koRdK:WJ3T184J0G1CiqixkxXeSK
Code size:
14.5 KB (14,848 bytes)