8fvpsgxbbk6f.exe

Microsoft Windows Operating System

Smart Union

Although the file properties state that the file was developed by 'Microsoft Corporation', this is not the case: the file is designed to look like a legitimate Microsoft system file. The executable 8fvpsgxbbk6f.exe has been detected as malware by 1 anti-virus scanner.

Publisher:
Microsoft Corporation  (signed by Smart Union)

Product:
Microsoft® Windows(TM) Operating System

Description:
SAPISVR 5

Version:
5.1.4111.00 (XPClient.010817-1148)

MD5:
ac49c1a576bbfaccba587255bc6fc845

SHA-1:
cf8228badd3973cc42f091aed61d63c2fd0f7d18

SHA-256:
6fb05ad2190db4a7e6a827c94954b7616a52ac9adba9df20cdf617ad155337d8

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
12/27/2024 2:21:27 AM UTC

Scan engine:
Reason Heuristics

Detection:
PUP (M)

Engine version:
17.1.20.14

File size:
527.5 KB (540,176 bytes)

Product version:
5.1.4111.00

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
SAPISVR5

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\8fvpsgxbbk6f.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
5/25/2016 3:00:00 AM

Valid to:
5/26/2017 2:59:59 AM

Subject:
CN=Smart Union, O=Smart Union, STREET=Beskudnikovsky boulevard 2, L=Moscow, S=Moscow, PostalCode=127474, C=RU

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00D0E5922E2B69FD4D0E3FFA1881ABB3A6

File PE Metadata
Compilation timestamp:
6/21/2016 3:45:34 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x1280

Entry point:
55, 8B, EC, B8, 48, 8F, 00, 00, E8, B3, FF, FF, FF, 53, 56, 57, C6, 45, F4, 3E, C6, 85, 79, 76, FF, FF, 3E, C6, 85, 89, 74, FF, FF, 3E, 68, AA, 12, 40, 00, C3, 33, F2, 8D, 12, EB, 06, 81, EF, D9, 8B, DF, 12, 87, C9, 8B, 85, 60, 73, FF, FF, C1, E8, 69, 89, 85, 58, 73, FF, FF, C7, 85, 58, 73, FF, FF, 09, 00, 00, 00, 81, BD, 58, 73, FF, FF, 9C, AD, 00, 00, 76, 02, EB, 23, 8B, 8D, 58, 73, FF, FF, 83, C1, 0C, 89, 8D, 58, 73, FF, FF, 68, 11, 3D, 48, 00, FF, 15, 0C, 30, 41, 00, BA, BC, 01, 00, 00, 85, D2, 75, CF...

Developed / compiled with:
Microsoft Visual C++

Code size:
71 KB (72,704 bytes)
