» softwarelagswitch1.2.exe
Overview
Analysis
File Details
Network (1)

softwarelagswitch1.2.exe

Software Lag Switch

softwarelagswitch.com

The executable softwarelagswitch1.2.exe has been detected as malware by 9 anti-virus scanners. While running, it connects to the Internet address apache2-emu.boardwalk.dreamhost.com on port 80 using the HTTP protocol.

File name:

Publisher:

softwarelagswitch.com

Product:

Software Lag Switch

Version:

0.0.0.0

MD5:

d1147bbf634a2fc03e37b30ae05a5fed

SHA-1:

0c6c558e1bd93eb7d522ec42960bb48c6421c144

SHA-256:

aabb03ccb1cd571609d1ce14f2925870caa4c05fde5655998a9458fd0de2ecb2

Scanner detections:

9 / 68

Status:

Malware

Analysis date:

4/9/2025 11:26:33 AM UTC (today)

Scan engine

Detection

Engine version

AegisLab AV Signature

HackTool.MSIL.Flooder

2.1.4+

Baidu Antivirus

Hacktool.MSIL.Flooder

4.0.3.14715

Comodo Security

UnclassifiedMalware

18598

Fortinet FortiGate

Riskware/MSIL

7/15/2014

Kaspersky

HEUR:HackTool.MSIL.Flooder

14.0.0.3556

nProtect

Trojan/W32.HackTool.863232

14.06.19.01

Qihoo 360 Security

Win32/Trojan.Flooder.211

1.0.0.1015

Sophos

Mal/MSIL-A

4.98

VIPRE Antivirus

Trojan.Win32.Generic

30452

File size:

843 KB (863,232 bytes)

Product version:

0.0.0.0

Original file name:

softwarelagswitch1.2.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\Program Files\software lag switch\softwarelagswitch1.2.exe

File PE Metadata

Compilation timestamp:

2/5/2013 6:31:15 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

12288:DjEpy5ToTSORj/Z3hYi9wD6iPA4g47FtVf9SWXSORj/Z3hYi9wD6iPA4g47FtVfu:DKNeONZR59w/F7tCONZR59w/FA

Entry address:

0xC2AB2

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

7.2393

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

771 KB (789,504 bytes)

The executing file has been seen to make the following network communication in live environments.

TCP (HTTP):

Connects to apache2-emu.boardwalk.dreamhost.com (66.33.213.75:80)

Remove softwarelagswitch1.2.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.