smss.exe

Windows Oturum Yöneticisi

SELCUK GUNDOGDU

While the file properties state the file is developed by 'Microsoft Corporation', this is not the case and it is designed just to look like a legitimate Microsoft system file. The executable smss.exe, “Windows Oturum Yöneticisi” has been detected as malware by 1 anti-virus scanner.
Publisher:
Microsoft Corporation  (signed by SELCUK GUNDOGDU)

Product:
Microsoft® Windows® Operating System

Description:
Windows Oturum Yöneticisi

Version:
1.0.0.0

MD5:
b75b6e97ef63f56080cf7676b5f6baa6

SHA-1:
c43813d74654b14aaee2dc7b862a5326beb67f5f

SHA-256:
73fb23f3a0665ada57a4740223284d3b6eb6eaca53ad8336e734d7906a543168

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/27/2024 5:51:12 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.28.2

File size:
216.2 KB (221,392 bytes)

Product version:
1.0.0.0

Copyright:
© Microsoft Corporation. All rights reserved.

Original file name:
smss.exe

File type:
Executable application (Win32 EXE)

Language:
Turkish (Turkey)

Common path:
C:\ProgramData\windows\smss.exe

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/13/2015 2:00:00 AM

Valid to:
3/13/2016 1:59:59 AM

Subject:
CN=SELCUK GUNDOGDU, O=SELCUK GUNDOGDU, STREET=Esentepe mah dergiler sok no 25 deal plaza, L=ISTANBUL, S=SISLI, PostalCode=34394, C=TR

Issuer:
CN=COMODO RSA Code Signing CA, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00C33187FE848A65E8484EA492CB2CBB18

File PE Metadata
Compilation timestamp:
3/20/2016 6:16:49 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

.NET CLR dependent:
Yes

Entry address:
0x35FDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 78, A4, 6A, D7, 56, B7, C7, E8, DB, 70, 20, 24, EE, CE, BD, C1, AF, 0F, 7C, F5, 2A, C6, 87, 47, 13, 46, 30, A8, 01, 95, 46, FD, D8, 98, 80, 69, AF, F7, 44, 8B, B1, 5B, FF, FF, BE, D7, 5C, 89, 22, 11, 90, 6B, 93, 71, 98, FD, 8E, 43, 79, A6, 21, 08, B4, 49, 62, 25, 1E, F6, 40, B3, 40, C0, 51, 5A, 5E, 26, AA, C7, B6, E9, 5D, 10, 2F, D6, 53, 14, 44, 02, 81, E6, A1, D8, C8, FB...
 
[+]

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
208 KB (212,992 bytes)

Remove smss.exe - Powered by Reason Core Security