smss.exe

Windows Oturum Yöneticisi

SELCUK GUNDOGDU

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable smss.exe, “Windows Oturum Yöneticisi” has been detected as malware by 1 anti-virus scanner.
Publisher:
Microsoft Corporation  (signed by SELCUK GUNDOGDU)

Product:
Microsoft® Windows® Operating System

Description:
Windows Oturum Yöneticisi

Version:
1.0.0.0

MD5:
0d650a7f464041e97f6a788f70d6c884

SHA-1:
70cbe8369505805040f11b1657cc8e662ada07b2

SHA-256:
2623d2f9d93654c6817f7d1a7f86ce6eb3ef103efbbd75ed8abcdc30ac07bfdd

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 5:29:46 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
16.9.25.1

File size:
1015.2 KB (1,039,568 bytes)

Product version:
1.0.0.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
smss.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\ProgramData\windows\chromebrowser\smss.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/13/2015 2:00:00 AM

Valid to:
3/13/2016 1:59:59 AM

Subject:
CN=SELCUK GUNDOGDU, O=SELCUK GUNDOGDU, STREET=Esentepe mah dergiler sok no 25 deal plaza, L=ISTANBUL, S=SISLI, PostalCode=34394, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C33187FE848A65E8484EA492CB2CBB18

File PE Metadata
Compilation timestamp:
3/20/2016 6:16:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
24576:lV+lD3yzyb+xQUNS44KEp8OXYl9hkqWZTbEsqXmc7ae95:lQlmz1XNS4EvWoxZ3wF5

Entry address:
0xFDA4E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1007 KB (1,031,168 bytes)

Remove smss.exe - Powered by Reason Core Security