vosrv.exe

The application vosrv.exe has been detected as a potentially unwanted program by 19 anti-malware scanners. It runs as a Windows service named “VO Service component”, hosted in its own separate process.
MD5:
8a3f6fe7baac4ce6d7e6adb6f4d1312d

SHA-1:
33ee7b638388f97e216fa3d67249cdbc01b247ef

Scanner detections:
19 / 68

Status:
Potentially unwanted

Analysis date:
4/25/2024 5:53:39 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.1809263 | 867 |
| avast! | Win32:Malware-gen | 2014.9-140920 |
| Baidu Antivirus | PUA.Win32.VOPackage | 4.0.3.14920 |
| Bitdefender | Trojan.GenericKD.1809263 | 1.0.20.1315 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1809263 | 8.14.09.20.08 |
| ESET NOD32 | Win32/VOPackage (variant) | 8.10337 |
| Fortinet FortiGate | Riskware/VOPackage | 9/20/2014 |
| F-Secure | Trojan.GenericKD.1809263 | 11.2014-20-09_7 |
| G Data | Trojan.GenericKD.1809263 | 14.9.24 |
| IKARUS anti.virus | PUA.Vopackage | t3scan.1.7.5.0 |
| K7 AntiVirus | Trojan | 13.183.13198 |
| McAfee | Artemis!8A3F6FE7BAAC | 5600.7001 |
| MicroWorld eScan | Trojan.GenericKD.1809263 | 15.0.0.789 |
| NANO AntiVirus | Riskware.Win32.Downware.deamgi | 0.28.2.61861 |
| nProtect | Trojan.GenericKD.1809263 | 14.08.29.01 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.9.20.20 |
| Sophos | Generic PUA DD | 4.98 |
| Trend Micro House Call | TROJ_GEN.R0C1H09HL14 | 7.2.263 |
| VIPRE Antivirus | Trojan.Win32.Generic | 32658 |

File size:
70.5 KB (72,192 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Windows\System32\config\systemprofile\application data\vopackage\vosrv.exe

File PE Metadata
Compilation timestamp:
8/14/2014 5:10:37 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
1536:HUyi+sLILrT4USu8T9iqBAOlBqCNUZlkoqy7LYWFLZYF:0yiHL8TBh8ZBAOhUkE5ZY

Entry address:
0x34AC

Entry point:
E8, CE, 24, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 5D, E9, D7, 10, 00, 00, 8B, FF, 51, C7, 01, B0, C6, 40, 00, E8, 4B, 25, 00, 00, 59, C3, 8B, FF, 55, 8B, EC, 56, 8B, F1, E8, E3, FF, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, CC, FF, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 8B, 45, 08, 83, C1, 09, 51, 83, C0, 09, 50, E8, 89, 25, 00, 00, F7, D8, 59, 1B, C0, 59, 40, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 6A, 0A, 6A, 00, FF, 75, 08, E8, A7, 28, 00, 00, 83, C4, 0C, 5D, C3, 8B, FF, 55, 8B...
 

Entropy:
6.0986

Code size:
44 KB (45,056 bytes)

Service
Display name:
VO Service component

Service name:
servervo

Description:
Ongoing updates responsible service.

Type:
Win32OwnProcess

