sxe injected.exe

It is set to automatically execute when any user logs into Windows (through the local user run registry setting) with the name ‘sXe Injected’.
MD5:
ac03f45445015c877f5b49c702882974

SHA-1:
e9c1170e6b44ae897434468f9bc4f8680fb68248

SHA-256:
59b90525f641fdaca85061a1af05a75c1e7c52f1e8934c1fe98c0c61db69281d

Scanner detections:
7 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 3:22:26 PM UTC  (today)

Scan engine
Detection
Engine version

AVG
Generic13_c
2016.0.3085

Bkav FE
W32.HfsAutoB
1.3.0.6379

Comodo Security
UnclassifiedMalware
22250

ESET NOD32
Win32/Packed.Themida suspicious (variant)
9.11638

Fortinet FortiGate
PossibleThreat
6/8/2015

Trend Micro House Call
Suspicious_GEN.F47V0509
7.2.143

VIPRE Antivirus
Trojan.Win32.Generic
40580

File size:
6.7 MB (7,038,100 bytes)

File type:
Executable application (Win32 EXE)

Language:
Spanish (Argentina)

Common path:
C:\Program Files\sxe injected\sxe injected.exe

File PE Metadata
Compilation timestamp:
5/9/2015 3:36:50 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
98304:kaH4zZNwfsAr4ihfmTdFn++i9Ennw4JFGG726tWKhL91+wbu/wwdgOiRfOh:wkfr4auTdF+5+nnwOGrKhL9I14Rf

Entry address:
0x1037000

Entry point:
EB, 08, 0F, B8, 69, 00, 00, 00, 00, 00, E9, 00, 20, 00, 00, 54, 41, 47, 47, 00, 20, 00, 00, E6, 15, 00, 00, 01, 00, 30, 82, 15, E2, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 02, A0, 82, 15, D3, 30, 82, 15, CF, 02, 01, 01, 31, 09, 30, 07, 06, 05, 2B, 0E, 03, 02, 1A, 30, 82, 09, 4C, 06, 09, 2A, 86, 48, 86, F7, 0D, 01, 07, 01, A0, 82, 09, 3D, 04, 82, 09, 39, D0, 00, 01, 00, 01, C1, B1, A1, 02, 00, 03, 00, 02, 00, 00, 00, 26, 00, 00, 00, 01, 00, 6A, FA, 03, 19, E8, FB, A5, F5, 59, 08, 47, 06, E2, 6C, 7A, F7, 94...
 
[+]

Entropy:
7.8927  (probably packed)

Code size:
581.5 KB (595,456 bytes)

Startup File (All Users Run)
Registry location:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
sXe Injected

Command:
C:\Program Files\sxe injected\sxe injected.exe


The file sxe injected.exe has been discovered within the following program.

sXe Injected  by Alejandro Cortés
Publisher's description - “Soundhacking allows players to see others player's location. There are many types of soundhacks and all do not work the same way. But for they work, they require at least one thing: the coordinates of the player's sound.”
www.sxe-injected.com
About 4% of users remove it
 
Powered by Should I Remove It?

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP SSL):
Connects to ns3046409.ip-188-165-212.eu  (188.165.212.113:443)

TCP (HTTP):
Connects to px-wdc102.quantserve.com.akadns.net  (95.172.94.56:80)

TCP (HTTP):
Connects to float.1888.bm-impbus.prod.ams1.adnexus.net  (37.252.162.140:80)

Scan sxe injected.exe - Powered by Reason Core Security