s1tool.exe

The executable s1tool.exe has been detected as malware by 10 of 68 anti-virus scanners. It is a setup program used to install the application, and it is typically installed with the program Flashtool by Androxyde. The file has been observed being downloaded from s10505.chomikuj.pl.
MD5:
73cf71195d04fb733ca70ca0865cc34e

SHA-1:
0c27ea0adb5b8d37e7b1ca9f3bbfa6b1c3ebd184

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
11/27/2024 10:42:10 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Spy.1219072.1 | 7.11.153.56 |
| Bkav FE | HW32.CDB | 1.3.0.4959 |
| Comodo Security | UnclassifiedMalware | 18444 |
| IKARUS anti.virus | Trojan-Spy219072 | t3scan.1.6.1.0 |
| McAfee | Artemis!73CF71195D04 | 5600.7057 |
| Norman | Suspicious_Gen2.QVVBY | 11.20140726 |
| Rising Antivirus | PE:Trojan.Win32.Generic.1372AA28!326281768 | 23.00.65.14724 |
| Trend Micro House Call | TROJ_GEN.R047C0OL413 | 7.2.207 |
| Trend Micro | TROJ_GEN.R047C0OL413 | 10.465.26 |
| VIPRE Antivirus | Trojan.Win32.Generic | 29970 |

File size:
1.2 MB (1,219,072 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
9/8/2011 5:31:32 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:KlyXCgQ3rLGaNiQbysdyAqKAh2n6ujP6/KHvNL2pbmigzNhyyh1+R2:KlCUfGEysdy5nzujQKZ2ZVchyyh1+

Entry address:
0x28BB67

Entry point:
60, 52, E9, 50, E4, FF, FF, 00, 00, 47, 65, 74, 4D, 6F, 64, 75, 6C, 65, 48, 61, 6E, 64, 6C, 65, 57, 00, 59, 0F, 9C, C0, F9, 88, 55, FE, 24, 57, F8, 08, D4, 83, F9, 04, 8D, 85, C0, 1F, 91, B5, 0F, B6, C3, 66, 0F, C8, 89, C8, 9C, 60, 52, E8, AA, 09, 00, 00, 00, 00, 45, 6E, 61, 62, 6C, 65, 53, 63, 72, 6F, 6C, 6C, 42, 61, 72, 00, 00, 00, 47, 65, 74, 56, 65, 72, 73, 69, 6F, 6E, 00, 00, 00, 53, 65, 74, 54, 68, 72, 65, 61, 64, 4C, 6F, 63, 61, 6C, 65, 00, 8D, 64, 24, 0C, E8, E9, F5, FF, FF, A8, DE, F5, 89, 45, E0...
Code size:
550 KB (563,200 bytes)

The file s1tool.exe has been discovered within the following program.

Flashtool by Androxyde
Publisher's description - “Flashtool is a flashing software that can be used to Flash original Images (Android 1.6, 2.1, 2.”
androxyde.github.com/Flashtool
About 8% of users remove it

The file s1tool.exe has been seen being distributed by the following URL.
