» ose.exe
Overview
Analysis
File Details

ose.exe

Office Source Engine

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable ose.exe has been detected as malware by 27 anti-virus scanners.

File name:

ose.exe

Publisher:

Microsoft Corporation* (Invalid match)

Product:

Office Source Engine

Version:

12.0.4518.1014

MD5:

3c3c29134c2b49d2816f1afb2dfcebb7

SHA-1:

7ec4b2a8b0e90f5359b9530b2eeaffc87d72405d

SHA-256:

7adf04f860d71fc42b580e05f2c4b8be94ee1c2c9748d4089e5dfe224eb510d4

Scanner detections:

27 / 68

Status:

Malware

Analysis date:

4/30/2024 12:54:00 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Win32/Mabezat

5.0.

Avira AntiVirus

W32/Mabezat

7.9.1.158

Emsisoft A-Squared

Worm.Win32.Mabezat.b!IK

4.5.0.50

avast!

Win32:Mabezat-AM

2014.9-170312

AVG

Win32/Mabezat

2018.0.2441

Bitdefender

Win32.Worm.Mabezat.Gen

1.0.20.355

Clam AntiVirus

W32.Mabezat

0.98/17011

Comodo Security

Worm.Win32.Mabezat.b1

3813

Dr.Web

Win32.HLLW.Tazebama

9.0.1.071

ESET NOD32

Win32/Mabezat

11.4833

Fortinet FortiGate

W32/Mabezat.B

3/12/2017

F-Prot

W32/Mabezat.A-2

v6.4.5.1.85

F-Secure

Win32.Worm.Mabezat.Gen

11.2017-12-03_1

G Data

Win32.Worm.Mabezat.Gen

17.3.19

IKARUS anti.virus

Worm.Win32.Mabezat.b

t3scan.1.1.80.0

K7 AntiVirus

Virus.Win32.Mabezat.b-1

13.7.10.966

Kaspersky

Worm.Win32.Mabezat

14.0.0.-1299

McAfee

W32/Mabezat.a

5600.6097

Microsoft Security Essentials

Virus:Win32/Mabezat.B

1.163.1557.0

Norman

W32/Mabezat.B

11.20170312

Panda Antivirus

W32/Mabezat.C

17.03.12.09

Quick Heal

W32.Mabezat.B

3.17.10.00

Rising Antivirus

Win32.Mabezat.b

23.00.65.17310

Sophos

W32/Mabezat-B

4.50

Trend Micro

PE_MABEZAT.B-1

10.465.12

Vba32 AntiVirus

Worm.Win32.Mabezat.A

3.12.12.1

ViRobot

Win32.Mabezat.A

2010.2.4.2171

File size:

294.6 KB (301,711 bytes)

Product version:

12.0.4518.1014

Original file name:

ose.exe

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\common files\microsoft shared\source engine\ose.exe

File PE Metadata

Compilation timestamp:

10/26/2006 2:00:59 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

Entry address:

0x14AE6

Entry point:

BB, A8, 12, 25, 9B, 93, E9, 20, 01, 00, 00, AD, 53, B6, B2, 5E, E2, B6, B2, 56, 6D, 38, 36, 36, B6, 36, 36, 06, 36, 36, 36, 95, 67, 6C, 67, 66, 67, 6F, 6D, 6C, 36, 36, 36, AA, 97, B0, 9B, 98, 97, A3, 97, 64, 9A, A2, A2, 36, 36, 36, 36, 92, 36, 36, 36, 7C, A8, 9B, 9B, 82, 9F, 98, A8, 97, A8, AF, 36, 79, A8, 9B, 97, AA, 9B, 7A, 9F, A8, 9B, 99, AA, A5, A8, AF, 77, 36, 36, 36, 36, 7D, 9B, AA, 8D, 9F, A4, 9A, A5, AD, A9, 7A, 9F, A8, 9B, 99, AA, A5, A8, AF, 77, 36, 36, 36, 36, 7D, 9B, AA, 83, A5, 9A, AB, A2, 9B... 
[+]

Entropy:

7.2176

Code size:

121 KB (123,904 bytes)

Remove ose.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.