home

smartscan.exe

Sutherland Global Services, Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from premiumsupport.sutherlandglobal.com.
Publisher:
Sutherland Global Services, Inc.  (signed and verified)

Version:
1.0.0.0

MD5:
2f239e9d85b0ade1c6e3440088860465

SHA-1:
5c874a0cb035d020febf96f28916ed27cf9c23f4

SHA-256:
d63b5247b0ad058cac3f1039933ef89cc8b398106d1cdf7b0f1e02207d97d882

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/25/2024 11:40:09 AM UTC  (today)

Scan engine
Detection
Engine version

Avira AntiVirus
TR/Proxy.A.275
8.3.2.2

IKARUS anti.virus
PUA.Dlhelper
t3scan.1.9.5.0

McAfee
Artemis!2F239E9D85B0
5600.6599

Qihoo 360 Security
Win32/Trojan.Proxy.858
1.0.0.1015

File size:
930.5 KB (952,840 bytes)

Product version:
1.0.0.0

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\smartscan.exe

Digital Signature
Signed by:
Sutherland Global Services, Inc.

Authority:
VeriSign, Inc.

Valid from:
8/29/2014 4:30:00 AM

Valid to:
9/28/2017 3:29:59 AM

Subject:
CN="Sutherland Global Services, Inc.", O="Sutherland Global Services, Inc.", L=Rochester, S=New York, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1B8951C280D403A3BAB4935A6666A037

File PE Metadata
Compilation timestamp:
7/16/2015 5:55:37 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
24576:LS0gw8FAVYzW9aRG/PhAs5jkXTAAYI1apsz5/0C23DWsyp:rgw8Fg8dMny6kkVI1wAeJzWsY

Entry address:
0x3AB080

Entry point:
60, BE, 00, B0, 6C, 00, 8D, BE, 00, 60, D3, FF, C7, 87, 1C, EC, 31, 00, 84, B9, C7, 18, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, CB, 96, 3A, 00, 57, 83, C3, 04, 53, 68, 74, 00, 0E, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9...
 
[+]

Entropy:
7.9857  (probably packed)

Code size:
900 KB (921,600 bytes)

The file smartscan.exe has been seen being distributed by the following URL.

https://premiumsupport.sutherlandglobal.com/.../Download

Scan smartscan.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.