» shttp3r.exe
Overview
Analysis
File Details
Downloads (1)

shttp3r.exe

The application shttp3r.exe has been detected as a potentially unwanted program by 17 anti-malware scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www.softforfree.com.

File name:

shttp3r.exe

MD5:

9fb55567244c9d21ba7d3eb398c5bc8f

SHA-1:

998151ac19e27964bb8baff79aae08e0a605ef2a

SHA-256:

b94b91595a0ddfb158f9c2e26a3ddd1298144ac266336e85f63ea30b5199a47a

Scanner detections:

17 / 68

Status:

Potentially unwanted

Analysis date:

11/23/2024 9:36:26 AM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

Malware.Gen!c

2.1.4+

Baidu Antivirus

Hacktool.Win32.SmallHTTP

4.0.3.1674

Bkav FE

HW32.Packed

1.3.0.8042

Comodo Security

Heur.Packed.Unknown

25267

ESET NOD32

Win32/Server-Web.SmallHTTP.AA potentially unsafe (variant)

10.13667

Fortinet FortiGate

W32/Malware_fam.NB

7/4/2016

IKARUS anti.virus

not-a-virus:Server-Web.Win32.SmallHTTP

t3scan.2.1.6.0

K7 AntiVirus

Exploit

13.2219969

Kaspersky

not-a-virus:Server-Web.Win32.SmallHTTP

14.0.0.-41

McAfee

Artemis!9FB55567244C

5600.6349

NANO AntiVirus

Trojan.Win32.Server.crapzv

1.0.38.8881

Qihoo 360 Security

Win32/Virus.f7c

1.0.0.1120

Quick Heal

(Suspicious) - DNAScan

7.16.14.00

Sophos

Small HTTP (PUA)

4.98

Trend Micro House Call

PAK_Generic.001

7.2.186

Trend Micro

PAK_Generic.001

10.465.04

VIPRE Antivirus

Trojan.Win32.Generic

50154

File size:

106.5 KB (109,056 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\users\{user}\downloads\shttp3r.exe

File PE Metadata

OS version:

1.11

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.1

CTPH (ssdeep):

1536:Fm5qzWRhf7fTiSW/t7/pXhYZ24DEUWZPVRISjCzwpKUmxnFOh6AtObRk1MCInZUT:Fm56gL+H/t7RJRvpVCOPtO6BWO

Entry address:

0x112C

Entry point:

89, 25, A8, 11, 40, 00, BF, 60, 35, 42, 00, 31, C0, B9, 60, 35, 42, 00, 29, F9, FC, F3, AA, 9B, DB, E3, 50, 9B, D9, 3C, 24, 9B, 80, 0C, 24, 3F, D9, 2C, 24, 58, BE, 80, 12, 40, 00, BF, 88, 12, 40, 00, 39, F7, 76, 06, FC, AD, FF, D0, EB, F6, 6A, 01, E8, 51, 21, 00, 00, 50, 6A, 00, 6A, 00, FF, 15, 04, 11, 40, 00, A3, AC, 11, 40, 00, 50, E8, 29, 19, 00, 00, BE, 88, 12, 40, 00, BF, 88, 12, 40, 00, 39, F7, 73, 0E, FC, AD, FF, D0, EB, F6, 6A, 00, FF, 15, 00, 11, 40, 00, 8B, 25, A8, 11, 40, 00, C3, FF, FF, 40, 00... 
[+]

Packer / compiler:

Feokt

Code size:

105.5 KB (108,032 bytes)

The file shttp3r.exe has been seen being distributed by the following URL.

http://www.softforfree.com/download.php?go=file&id=12311&d=1

Remove shttp3r.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.