basicserve_bscsrvwebd.exe

The application basicserve_bscsrvwebd.exe has been detected as a potentially unwanted program by 27 anti-malware scanners. The file has been seen being downloaded from patch.checksquarespot.com.
MD5:
ed694f988cb6ba0465e5d25e61a0b893

SHA-1:
3318066a58ecd452cfa675abf53165157da09987

SHA-256:
ebdb9c3e73caaf955348c44ab96cb1e53dd97ab0adc0579351b4973508ca250a

Scanner detections:
27 / 68

Status:
Potentially unwanted

Analysis date:
12/27/2024 12:56:40 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
ADWARE/Adware.Gen
7.11.108.72

avast!
Win32:Adware-AQG [PUP]
2014.9-130809

Baidu Antivirus
AdWare.Win32.OneStep
4.0.3.131126

Bitdefender
Trojan.Generic.9003604
1.0.20.1105

Boost by Reason
Optional.V
188163

Comodo Security
UnclassifiedMalware
17124

Dr.Web
Trojan.Searcher.1040
9.0.1.0221

Emsisoft Anti-Malware
Trojan.Generic.9003604
8.13.08.09.02

ESET NOD32
Win32/Adware.OneStep.CF
7.8932

Fortinet FortiGate
Riskware/OneStep
8/9/2013

F-Secure
Trojan.Generic.9003604
11.2013-26-11_3

G Data
Trojan.Generic.9003604
13.8.22

IKARUS anti.virus
AdWare.Win32.EoRezo
t3scan.2.0.3.0

K7 AntiVirus
Riskware
13.173.9906

Malwarebytes
Adware.OneStep
v2013.11.26.09

McAfee
Artemis!ED694F988CB6
5600.7162

MicroWorld eScan
Trojan.Generic.9003604
14.0.0.990

NANO AntiVirus
Trojan.Win32.OneStep.bpgzhz
0.26.0.55532

Norman
Troj_Generic.LWCGS
11.20130809

nProtect
Trojan.Generic.9003604
13.06.28.06

Panda Antivirus
Trj/CI.A
13.08.09.02

Rising Antivirus
Trojan.Win32.Generic.1490F648
23.00.65.131124

Sophos
Generic PUA GF
4.93

SUPERAntiSpyware
Adware.Zwangi
10668

Trend Micro House Call
TROJ_SPNR.0CE913
7.2.221

Trend Micro
TROJ_SPNR.0CE913
10.465.09

VIPRE Antivirus
Trojan.Win32.Generic
22494

File size:
1003.8 KB (1,027,914 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\basicserve_bscsrvwebd.exe

File PE Metadata
Compilation timestamp:
2/17/2007 4:48:44 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24576:7Ei/W9Oz/4G5huYbTKd0yAoy26sPUjveLWXWMJyj28rgNt:IDOznKIKXAm6sMjveLoV9t

Entry address:
0x32CE

Code size:
23 KB (23,552 bytes)

The file basicserve_bscsrvwebd.exe has been seen being distributed by the following URL.

Remove basicserve_bscsrvwebd.exe - Powered by Reason Core Security