» SeoFast.exe
Overview
Analysis
File Details
Network (28)

SeoFast.exe

SeoFast

1

File name:

SeoFast.exe

Publisher:

Product:

SeoFast

Version:

1.00.0038

MD5:

192dd55bc24a3a5194c818eb23a96ab3

SHA-1:

a16b3969655885ea9b57dd15999c3342c713c45d

SHA-256:

d06e155b9d3e8154bd0063fce2d1abd69b65e6e7cd84295e7b651d439e6bd1ad

Scanner detections:

6 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

11/5/2024 12:40:37 PM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Packed/SoftCompress

7.1.1

Avira AntiVirus

TR/Crypt.XPACK.Gen

7.11.30.172

Bkav FE

HW32.Paked

1.3.0.4959

F-Prot

W32/VBTrojan.11

4.6.5.141

Trend Micro House Call

PAK_Generic.001

7.2.266

Trend Micro

PAK_Generic.001

10.465.23

File size:

40.2 KB (41,209 bytes)

Product version:

1.00.0038

Original file name:

SeoFast.exe

File type:

Executable application (Win32 EXE)

File PE Metadata

Compilation timestamp:

7/9/2014 6:40:02 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

CTPH (ssdeep):

768:JtSHlwy5J7gVX82vyy+NIEGioqBbyJNjNnrhpSGXtfxXzsM:JtoHEVs2KdNIEtBOJNjNrhpNxXgM

Entry address:

0x2105C

Entry point:

E9, BE, 00, 00, 00, 60, 8B, 74, 24, 24, 8B, 7C, 24, 28, FC, B2, 80, 33, DB, A4, B3, 02, E8, 6D, 00, 00, 00, 73, F6, 33, C9, E8, 64, 00, 00, 00, 73, 1C, 33, C0, E8, 5B, 00, 00, 00, 73, 23, B3, 02, 41, B0, 10, E8, 4F, 00, 00, 00, 12, C0, 73, F7, 75, 3F, AA, EB, D4, E8, 4D, 00, 00, 00, 2B, CB, 75, 10, E8, 42, 00, 00, 00, EB, 28, AC, D1, E8, 74, 4D, 13, C9, EB, 1C, 91, 48, C1, E0, 08, AC, E8, 2C, 00, 00, 00, 3D, 00, 7D, 00, 00, 73, 0A, 80, FC, 05, 73, 06, 83, F8, 7F, 77, 02, 41, 41, 95, 8B, C5, B3, 01, 56, 8B... 
[+]

Packer / compiler:

Software Compress v1.2

Code size:

120 KB (122,880 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):

Connects to web2401.rus-chat.de (178.63.89.247:80)

TCP (HTTP):

Connects to vipip.ru (78.46.36.21:80)

TCP (HTTP):

Connects to topf3.p.mail.ru (217.69.133.140:80)

TCP (HTTP):

Connects to static.200.118.63.178.clients.your-server.de (178.63.118.200:80)

TCP (HTTP):

Connects to static.177.102.9.5.clients.your-server.de (5.9.102.177:80)

TCP (HTTP):

Connects to srv.dimhost.ru (85.17.231.164:80)

TCP (HTTP):

Connects to servs3.iphoster.net (37.187.78.133:80)

TCP (HTTP):

Connects to server6.m-hoster-6.ru (46.165.230.97:80)

TCP (HTTP):

Connects to server-54-230-231-58.waw50.r.cloudfront.net (54.230.231.58:80)

TCP (HTTP SSL):

Connects to server-54-230-230-103.waw50.r.cloudfront.net (54.230.230.103:443)

TCP (HTTP):

Connects to server4.shneider-host.ru (144.76.202.11:80)

TCP (HTTP):

Connects to seo-zel.net (62.109.3.72:80)

TCP (HTTP):

Connects to s7.h.mchost.ru (178.208.83.11:80)

TCP (HTTP):

Connects to s16.h.mchost.ru (178.208.83.20:80)

TCP (HTTP):

Connects to prg02s12-in-f6.1e100.net (173.194.122.6:80)

TCP (HTTP):

Connects to people-group.su (144.76.18.36:80)

TCP (HTTP):

Connects to m2.argo.beget.ru (5.101.153.35:80)

TCP (HTTP):

Connects to LXXXIX.CCXLVIII.CCXXV.XLIV.quickline.ru (89.248.225.44:80)

TCP (HTTP):

Connects to h16.ihc.ru (91.218.229.42:80)

TCP (HTTP):

Connects to ec2-54-246-180-54.eu-west-1.compute.amazonaws.com (54.246.180.54:80)

Scan SeoFast.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.