» server.exe
Overview
Analysis
File Details

server.exe

The executable server.exe has been detected as malware by 36 anti-virus scanners.

File name:

server.exe

MD5:

50d63d51d5b4e5a2ee996de616e5a183

SHA-1:

1d8c4ccb976f9275d376ef65e735d211508173b9

SHA-256:

53090a8044ed4a11e1cf57ef4743cbc4079de6a18481872e31b45cd19e32822f

Scanner detections:

36 / 68

Status:

Malware

Analysis date:

4/1/2025 8:03:09 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Backdoor.Generic.17146

-40

AegisLab AV Signature

Backdoor.W32.Small.ef!c

2.1.4+

AhnLab V3 Security

Trojan/Win32.Downloader

2016.05.27

Avira AntiVirus

BDS/Instable

8.3.3.4

Arcabit

Backdoor.Generic.D42FA

1.0.0.688

avast!

Win32:Trojano-CGQ [Trj]

2014.9-170315

AVG

BackDoor.Small.19

2018.0.2438

Baidu Antivirus

Trojan.Win32.Small

4.0.3.17315

Bitdefender

Backdoor.Generic.17146

1.0.20.370

Comodo Security

Backdoor.Win32.Small.EF

25103

Dr.Web

BackDoor.LDown

9.0.1.074

Emsisoft Anti-Malware

Backdoor.Generic.17146

8.17.03.15.04

ESET NOD32

Win32/Small.EF

11.13550

Fortinet FortiGate

W32/DLOADER.CT!tr.bdr

3/15/2017

F-Prot

W32/Goatway.B

v6.4.7.1.166

F-Secure

Backdoor.Generic.17146

11.2017-15-03_4

G Data

Backdoor.Generic.17146

17.3.25

IKARUS anti.virus

Trojan-Downloader.Win32.Small

t3scan.2.0.9.0

K7 AntiVirus

Trojan

13.226.19719

Kaspersky

Backdoor.Win32.Small

14.0.0.-1313

McAfee

BackDoor-COS

5600.6094

Microsoft Security Essentials

Backdoor:Win32/Small.EF

1.1.12804.0

MicroWorld eScan

Backdoor.Generic.17146

18.0.0.222

NANO AntiVirus

Trojan.Win32.Small.gitd

1.0.30.8482

nProtect

Backdoor/W32.Small.82290

16.05.26.01

Panda Antivirus

Trj/Genetic.gen

17.03.15.04

Qihoo 360 Security

Malware.Radar01.Gen

1.0.0.1120

Rising Antivirus

Trjoan.Generic-jT7Gyga2wFI (Cloud)

23.00.65.17313

Sophos

Troj/Bdoor-JE

4.98

Total Defense

Win32/Goatway.B

37.1.62.1

Trend Micro House Call

BKDR_GETWAY.A

7.2.74

Trend Micro

BKDR_GETWAY.A

10.465.15

Vba32 AntiVirus

Backdoor.Small

3.12.26.4

VIPRE Antivirus

BehavesLike.Win32.Malware.wsc (mx-v)

49654

ViRobot

Backdoor.Win32.Small.82290[h]

2014.3.20.0

Zillya! Antivirus

Backdoor.Small.Win32.2454

2.0.0.2891

File size:

80.4 KB (82,290 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\ceh\cehv8 module 06 trojans and backdoors\miscellaneous trojans\ees gateway v1.3b\ees gateway 1.3b\server.exe

File PE Metadata

Compilation timestamp:

1/25/2005 5:49:07 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

Entry address:

0xAAA4

Entry point:

6A, 60, 68, 20, 07, 41, 00, E8, 1C, 11, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, A4, 22, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 5C, 00, 41, 00, 8B, 4E, 10, 89, 0D, 84, 42, 41, 00, 8B, 46, 04, A3, 90, 42, 41, 00, 8B, 56, 08, 89, 15, 94, 42, 41, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, 88, 42, 41, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, 88, 42, 41, 00, C1, E0, 08, 03, C2, A3, 8C, 42, 41, 00, 33, F6, 56, 8B, 3D, 20, 01, 41, 00, FF, D7, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03... 
[+]

Entropy:

5.8478

Developed / compiled with:

Microsoft Visual C++ v7.0

Code size:

60 KB (61,440 bytes)

Remove server.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.