TCPOptimizer.EXE

SG TCP Optimizer Application

SpeedGuide Inc.

The executable TCPOptimizer.EXE has been detected as malware by 25 anti-virus scanners. The file has been seen being downloaded from www.abusar.org.br.
Publisher:
SpeedGuide Inc.

Product:
SG TCP Optimizer Application

Description:
SG TCP Optimizer

Version:
1, 0, 0, 1

MD5:
78123b10f91db115b77765e7b7cd6c94

SHA-1:
77b8579b107b6f35df484528aebae90c64f5bba3

SHA-256:
ad618e7e69c8b3afc5f6dae16ea947e03d0880e9effdf8f35480f346b47d4564

Scanner detections:
25 / 68

Status:
Malware

Analysis date:
5/1/2024 2:54:47 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Backdoor.Prorat | 7.1.1 |
| Baidu Antivirus | Backdoor.Win32.ProRat | 4.0.3.14715 |
| Bkav FE | W32.Clod96c.Trojan | 1.3.0.4959 |
| IKARUS anti.virus | Backdoor.Win32.Prorat | t3scan.2.2.29 |
| McAfee | Generic.dx!78123B10F91D | 5600.7068 |
| NANO AntiVirus | Trojan.Win32.Prorat.bamxbf | 0.28.0.58720 |
| Norman | Prorat.THM | 11.20140715 |
| Rising Antivirus | PE:Trojan.Win32.Generic.129CB10F!312258831 | 23.00.65.14713 |
| SUPERAntiSpyware | Backdoor.Prorat | 10481 |
| Vba32 AntiVirus | Backdoor.Prorat | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27792 |
| ViRobot | Backdoor.Win32.A.Prorat.425984.A | 2011.4.7.4223 |
| XVirus List | Win32.Detected | 2.7.15 |

File size:
416 KB (425,984 bytes)

Product version:
1, 0, 0, 1

Copyright:
Copyright (C) 2001

Trademarks:
SpeedGuide Inc

Original file name:
TCPOptimizer.EXE

File type:
Executable application (Win32 EXE)

Language:
English (United States)

File PE Metadata
Compilation timestamp:
2/22/2002 1:11:15 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:GWgQcOCxYDtvX7DPmDUiUPA9AhK+wufaSvA+p20kFawGgSq3IFKo9sVEWqvcbBEs:GRxo1X77UUPAr+79vN6CJWTAJM5q

Entry address:
0x137CF

Entry point:
55, 8B, EC, 6A, FF, 68, B0, 5B, 43, 00, 68, 94, 79, 41, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 58, 53, 56, 57, 89, 65, E8, FF, 15, D0, 11, 43, 00, 33, D2, 8A, D4, 89, 15, A0, FF, 46, 00, 8B, C8, 81, E1, FF, 00, 00, 00, 89, 0D, 9C, FF, 46, 00, C1, E1, 08, 03, CA, 89, 0D, 98, FF, 46, 00, C1, E8, 10, A3, 94, FF, 46, 00, 6A, 01, E8, 21, 41, 00, 00, 59, 85, C0, 75, 08, 6A, 1C, E8, C3, 00, 00, 00, 59, E8, 2D, 31, 00, 00, 85, C0, 75, 08, 6A, 10, E8, B2, 00, 00, 00, 59, 33, F6, 89, 75...
 

Entropy:
5.9736

Developed / compiled with:
Microsoft Visual C++ v6.0

Code size:
192 KB (196,608 bytes)

The file TCPOptimizer.EXE has been seen being distributed by the following URL.
