home

syslog_relay.exe

MobileDevice-Interface

iSn0wra1n

Publisher:
iSn0wra1n

Product:
MobileDevice-Interface

Version:
1.0.0.0

MD5:
bc60741d1418d227cdd4eb28d48eed95

SHA-1:
98a2680a2a1af4e544b00a6c1eef843b4942a4a3

SHA-256:
17f197fc9e017b97d28fb0dac12bb393445cdc9b2d513a2541c31ecfb6b8a068

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
5/4/2024 5:54:12 AM UTC  (today)

File size:
11 KB (11,264 bytes)

Product version:
1.0.0.0

Copyright:
Copyright ©iSn0wra1n 2012

Original file name:
MobileDevice-Interface.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\syslog_relay.exe

File PE Metadata
Compilation timestamp:
1/22/2013 3:21:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
192:+cAnyBsZ5h5ilInUkfah2oYHlwXPxznulC:+cAIsZf5ilcHfRdHaXpil

Entry address:
0x3F5E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
4.7368

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
8 KB (8,192 bytes)

The file syslog_relay.exe has been seen being distributed by the following 6 URLs.

https://mega.nz/temporary/.../mNlU3KCI

https://mega.nz/temporary/.../6ck0ibBQ

https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/.../syslog_relay.exe

https://iactivator.googlecode.com/.../syslog_relay.exe

https://mega.co.nz/temporary/.../6ck0ibBQ

https://www.dropbox.com/s/.../syslog_relay.exe

Scan syslog_relay.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.