» svsvr.exe
Overview
Analysis
File Details

svsvr.exe

Salfeld Computer GmbH

The executable svsvr.exe has been detected as malware by 17 anti-virus scanners.

File name:

svsvr.exe

Publisher:

Salfeld Computer GmbH (signed and verified)

Version:

2.11.0.0

MD5:

f84f6718b80a30d21221ffdd6806dc64

SHA-1:

a04a91229e8914effc68ca8e02fc236318a3b686

SHA-256:

bcc1a077c7afa828887377627e39e4e31f10f372eea9f728dd4dc2b95f1e0868

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

11/27/2024 9:51:24 AM UTC (today)

Scan engine

Detection

Engine version

Agnitum Outpost

Trojan.Delf

7.1.1

AhnLab V3 Security

Win-Trojan/Xema.variant

2014.11.24

Avira AntiVirus

TR/Gendal.253979.1

7.11.188.94

Clam AntiVirus

Trojan.Agent-17900

0.98/21511

ESET NOD32

Win32/Delf.OZD

10.10770

Fortinet FortiGate

PossibleThreat

7/10/2016

F-Prot

W32/Trojan2.AFYY

v6.4.7.1.166

K7 AntiVirus

Trojan

13.185.14113

McAfee

Artemis!F84F6718B80A

5600.6342

NANO AntiVirus

Trojan.Win32.Delf.toeb

0.28.6.63474

Norman

Suspicious_Gen.QORM

11.20160710

nProtect

Trojan/W32.Agent.410288

14.11.21.01

Panda Antivirus

Trj/Agent.EWG

16.07.10.11

Vba32 AntiVirus

Trojan.Delf

3.12.26.3

VIPRE Antivirus

Trojan.Win32.Generic

35082

ViRobot

Trojan.Win32.Delf.404480.B

2011.4.7.4223

Zillya! Antivirus

Trojan.Delf.Win32.41704

2.0.0.1991

File size:

400.7 KB (410,288 bytes)

Product version:

1.0.0.0

File type:

Executable application (Win32 EXE)

Language:

German (Germany)

Common path:

C:\Windows\System32\svsvr.exe

Digital Signature

Signed by:

Salfeld Computer GmbH

Authority:

Thawte Consulting (Pty) Ltd.

Valid from:

7/12/2006 3:00:00 AM

Valid to:

7/13/2007 2:59:59 AM

Subject:

CN=Salfeld Computer GmbH, OU=Security, O=Salfeld Computer GmbH, L=Reutlingen, S=BW, C=DE

Issuer:

CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA

Serial number:

7C51D33C549B5FEF47FBEA8C181362C0

File PE Metadata

Compilation timestamp:

6/20/1992 1:22:17 AM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

2.25

CTPH (ssdeep):

6144:AuA33GIS8lgfPeTVd3dn6IRBamT6AbmbAK985RgLm3QVWnlUOVfCpwlw:lA33GIlgfPejnemThbtAog4MQ7fmWw

Entry address:

0x53390

Entry point:

55, 8B, EC, 83, C4, F0, B8, F0, 30, 45, 00, E8, D0, 2A, FB, FF, 68, FC, 33, 45, 00, 6A, FF, 6A, 00, E8, E2, 2C, FB, FF, E8, A5, 2D, FB, FF, 85, C0, 74, 05, E8, 88, 09, FB, FF, A1, 10, 51, 45, 00, 8B, 00, E8, 40, BB, FF, FF, 8B, 0D, 20, 4F, 45, 00, A1, 10, 51, 45, 00, 8B, 00, 8B, 15, 80, 2E, 45, 00, E8, 40, BB, FF, FF, A1, 10, 51, 45, 00, 8B, 00, C6, 40, 5B, 00, A1, 10, 51, 45, 00, 8B, 00, E8, A9, BB, FF, FF, E8, 48, 09, FB, FF, 57, 61, 74, 63, 68, 44, 6F, 67, 53, 61, 6C, 65, 4D, 75, 74, 65, 78, 00, 00, 00... 
[+]

Entropy:

6.5770

Developed / compiled with:

Microsoft Visual C++

Code size:

329.5 KB (337,408 bytes)

Remove svsvr.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.