st_rsser64.exe

Spyware Terminator 2015

Crawler Group, LLC

The application st_rsser64.exe, “Spyware Terminator 2015 Realtime Shield Service” by Crawler Group has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It runs as a separate (within the context of its own process) windows Service named “Spyware Terminator 2015 Realtime Shield Service”.
Publisher:
Crawler Group, LLC  (signed and verified)

Product:
Spyware Terminator 2015

Description:
Spyware Terminator 2015 Realtime Shield Service

Version:
3.0.1.109

MD5:
7b76d509d5c17340381ef93b64cd7a0b

SHA-1:
14e5c74ed4ee5e8694a460825bcce45b4b56e79b

SHA-256:
1387e0bd6f4aa146b2aa4e681a13dcb30039fbb02f029f8fbbb19f3d53b2aba3

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 1:17:35 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Crawler (M)
17.3.16.9

File size:
3.1 MB (3,292,424 bytes)

Product version:
3.0.0.0

Copyright:
© Crawler Group, LLC

Original file name:
st_rsser.exe

File type:
Executable application (Win64 EXE)

Language:
English (United States)

Common path:
C:\Program Files\spyware terminator\st_rsser64.exe

Digital Signature
Authority:
Symantec Corporation

Valid from:
4/4/2016 8:00:00 PM

Valid to:
8/20/2017 7:59:59 PM

Subject:
CN="Crawler Group, LLC", O="Crawler Group, LLC", L=Wilmington, S=Delaware, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
533225A4195C349EB2DE67B04D02A0C4

File PE Metadata
Compilation timestamp:
3/14/2017 6:28:57 AM

OS version:
5.2

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

Entry address:
0x2934E0

Entry point:
55, 48, 83, EC, 30, 48, 8B, EC, 48, 89, 6D, 28, 48, 8B, 05, C5, 0D, 04, 00, C6, 00, 01, 90, 48, 8D, 0D, DA, 1B, FF, FF, E8, 0D, 30, D8, FF, 90, E8, C7, E6, FE, FF, EB, 08, 90, 90, E8, 5E, A6, D7, FF, 90, E8, E8, AE, D7, FF, EB, 08, 90, 90, E8, CF, B0, D7, FF, 90, 48, 8D, 65, 30, 5D, C3, 48, 8D, 04, 05, 00, 00, 00, 00, 48, 83, EC, 28, E8, 67, A5, D7, FF, 48, 83, C4, 28, C3, 48, 90, 48, 83, EC, 28, E8, 57, A5, D7, FF, 48, 83, C4, 28, C3, CC, CC, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
5.9652

Code size:
2.6 MB (2,696,704 bytes)

Service
Display name:
Spyware Terminator 2015 Realtime Shield Service

Service name:
ST2012_Svc

Type:
Win32OwnProcess


Remove st_rsser64.exe - Powered by Reason Core Security