psobb.exe

MD5:
713c8541583a695060d5528eef5daae0

SHA-1:
da81ae9c7ac20f8b9e9ab1f31fedb01c4c4014f6

SHA-256:
9273fcb7726e27d6ce7d4d6561d92e6beaee8f525208480a91188b03be5bdab4

Scanner detections:
5 / 68

Status:
Inconclusive (not enough data for an accurate detection)

Analysis date:
1/11/2025 2:55:26 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Packed/ExeStealth | 7.1.1 |
| Clam AntiVirus | Trojan.Agent-172908 | 0.98/18155 |
| Comodo Security | Heur.Packed.MultiPacked | 16804 |
| F-Prot | W32/Heuristic-210 | v6.4.7.1.166 |
| Trend Micro House Call | TROJ_GEN.F47V0723 | 7.2.147 |

File size:
2 MB (2,077,730 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\schthack psobb\psobb.exe

File PE Metadata
Compilation timestamp:
7/30/2006 5:16:53 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
49152:ZOSinN9/oR03lwJ8McoMqg58kcziivTUj9s2ZHoV7Ue9xNz6B:MSsQR068McoPg589jWsAIVF9xV6B

Entry address:
0x753060

Entry point:
60, E8, 00, 00, 00, 00, 5D, 81, ED, 0F, 1E, 40, 00, B9, 57, 09, 00, 00, 8D, BD, 57, 1E, 40, 00, 8B, F7, AC, 90, 90, 34, 7D, F8, 90, F8, EB, 01, E8, 2C, 7A, 2A, C1, F8, 2A, C1, F8, 90, C0, C8, C7, 90, 04, 38, 34, 26, 90, C0, C0, 70, 2A, C1, 34, A2, 02, C1, 02, C1, 90, 90, C0, C0, 74, 34, 7D, F8, 90, AA, E2, CC, 27, 95, 19, 95, 1B, 58, 0A, 90, 43, 26, 2D, AA, 05, 8D, 06, 8E, 0B, F7, 30, F4, E0, 9B, 12, 5F, 27, AF, 18, 98, 7C, AF, 8E, C6, 23, 0F, 68, AF, 52, D3, 2A, C6, 53, D6, 7D, BA, 95, 29, 99, E6, C1, 1D...
 

Entropy:
7.9988

Packer / compiler:
y0da's Crypter v1.x / Modified

Code size:
4.9 MB (5,156,864 bytes)

The file psobb.exe has been discovered within the following programs.

iTunes  by Apple Inc.
Apple's iTunes is a proprietary media player computer program, used for playing and organizing digital music and video files on desktop computers. It can also manage contents on iPod, iPhone and iPad.
www.apple.com/itunes
9% remove it
SCHTHACK PSOBB  by strags.com
strags.com/shpsobb
About 9% of users remove it
TeamSpeak 3 Client  by TeamSpeak Systems GmbH
Publisher's description - “TeamSpeak 3 continues the legacy of the original TeamSpeak communication system previously offered in TeamSpeak Classic (1.5) and TeamSpeak 2.”
www.teamspeak.com
4% remove it
Unreal Anthology  by Epic Games, Inc.
Publisher's description - “From the ruthless artificial intelligence of the original UNREAL, the death gladiator chaos of UNREAL TOURNAMENT and beyond, the Unreal franchise is the king-of-the-hill in multiplayer carnage.”
www.epicgames.com
About 3% of users remove it
 
Powered by Should I Remove It?

Scan psobb.exe - Powered by Reason Core Security