home

security_cleaner.exe

The application security_cleaner.exe has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. The file has been seen being downloaded from otctytvi.myvnc.com.
MD5:
0dc0d92d4472945a970406872f484145

SHA-1:
2481543dfe04e65744280e77ff14b48df9b03731

SHA-256:
c1159408ee659a411f48503147225dff21bd515e7198eaf4a3bcfd9c95d95c11

Scanner detections:
1 / 68

Status:
Potentially unwanted

Analysis date:
1/14/2025 10:59:25 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.SecCleaner (M)
16.9.7.11

File size:
751 Bytes

File type:
Executable application (Win64 EXE)

Common path:
C:\users\{user}\downloads\security_cleaner.exe

File PE Metadata
OS bitness:
Win64

CTPH (ssdeep):
6:gYK0Q8a0NNEXW0YM/l10JcEpiZjGjihY2ggyVfGPIRhcVMXPnKrAvsRR:XLQYfA0JcvGjihY1rfGPI9XvKRR

Entry point:
48, 54, 54, 50, 2F, 31, 2E, 31, 20, 35, 30, 34, 20, 46, 69, 64, 64, 6C, 65, 72, 20, 2D, 20, 52, 65, 63, 65, 69, 76, 65, 20, 46, 61, 69, 6C, 75, 72, 65, 0D, 0A, 43, 6F, 6E, 74, 65, 6E, 74, 2D, 54, 79, 70, 65, 3A, 20, 74, 65, 78, 74, 2F, 68, 74, 6D, 6C, 3B, 20, 63, 68, 61, 72, 73, 65, 74, 3D, 55, 54, 46, 2D, 38, 0D, 0A, 43, 6F, 6E, 6E, 65, 63, 74, 69, 6F, 6E, 3A, 20, 63, 6C, 6F, 73, 65, 0D, 0A, 54, 69, 6D, 65, 73, 74, 61, 6D, 70, 3A, 20, 31, 37, 3A, 35, 39, 3A, 31, 32, 2E, 31, 31, 33, 0D, 0A, 43, 61, 63, 68...
 
[+]

Entropy:
2.9694

The file security_cleaner.exe has been seen being distributed by the following URL.

http://otctytvi.myvnc.com/.../kIcH0LCdVGLp3rfgW2GSiNy 2HVZf8nAluVQyGmfnDqQ11kBjE4EpXhdgKkccsLkwqY6SkCruf6R0txQgeOtIabtCPWH8dGgW k=

Remove security_cleaner.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.