home

zwSafedotSpace.exe

zwSafedotSpace

Zavaware Co.

The executable zwSafedotSpace.exe, “Whole Space for the Safe.* Services” has been detected as malware by 8 anti-virus scanners.
Publisher:
Zavaware Co.

Product:
zwSafedotSpace

Description:
Whole Space for the Safe.* Services

Version:
1, 0, 0, 3

MD5:
662eb9678fde6d8198a3c1834f89d3fa

SHA-1:
060087fe96dd9545b6922e498255b31d7cd9d7c7

SHA-256:
61be7501fbdc70a88630ebd79850450a841f0bd050aec1acc677da6b77df4867

Scanner detections:
8 / 68

Status:
Malware

Analysis date:
4/25/2024 1:09:49 AM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Trojan.Generic.11731339
730

Bitdefender
Trojan.Generic.11731339
1.0.20.180

Emsisoft Anti-Malware
Trojan.Generic.11731339
8.15.02.05.12

F-Prot
W32/Heuristic-KPP
v6.4.7.1.166

F-Secure
Trojan.Generic.11731339
11.2015-05-02_5

G Data
Trojan.Generic.11731339
15.2.24

MicroWorld eScan
Trojan.Generic.11731339
16.0.0.108

nProtect
Trojan.Generic.11731339
14.09.22.01

File size:
72 KB (73,728 bytes)

Product version:
1, 0, 0, 3

Copyright:
Copyright ⓒ 2012 - by Zavaware/ArtCode

Trademarks:
Copyright ⓒ 2012 - by Zavaware/ArtCode

Original file name:
zwSafedotSpace.exe

File type:
Executable application (Win32 EXE)

Language:
Korean (Korea)

Common path:
C:\Windows\System32\zwsafedotspace.exe

File PE Metadata
Compilation timestamp:
3/13/2013 12:04:26 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
768:nNKJUu/VRQKopRsHQXZxOVj1oON3GKm4TBc+P7fnp2qFjAjtK1o:NmUcELsHUZxOLP3xLPLp7StUo

Entry address:
0x2C60

Entry point:
E8, 3D, 41, 00, 00, E9, 16, FE, FF, FF, CC, CC, CC, CC, CC, CC, 8D, 42, FF, 5B, C3, 8D, A4, 24, 00, 00, 00, 00, 8D, 64, 24, 00, 33, C0, 8A, 44, 24, 08, 53, 8B, D8, C1, E0, 08, 8B, 54, 24, 08, F7, C2, 03, 00, 00, 00, 74, 15, 8A, 0A, 83, C2, 01, 3A, CB, 74, CF, 84, C9, 74, 51, F7, C2, 03, 00, 00, 00, 75, EB, 0B, D8, 57, 8B, C3, C1, E3, 10, 56, 0B, D8, 8B, 0A, BF, FF, FE, FE, 7E, 8B, C1, 8B, F7, 33, CB, 03, F0, 03, F9, 83, F1, FF, 83, F0, FF, 33, CF, 33, C6, 83, C2, 04, 81, E1, 00, 01, 01, 81, 75, 1C, 25, 00...
 
[+]

Entropy:
5.5322

Code size:
44 KB (45,056 bytes)

Remove zwSafedotSpace.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.