Update SBBot.exe

Smart Binary Bot

The executable Update SBBot.exe, “Smart Binary Bot Updater”, has been detected as malware by 21 anti-virus scanners. The file has been seen downloaded from smartbinarybot.com.
Publisher:
Smart Binary Bot

Product:
Smart Binary Bot

Description:
Smart Binary Bot Updater

Version:
1.0.0.0

MD5:
e87f0631af58b9d0d6bceef6c7f45069

SHA-1:
061ad82a3e87860c42ee8a277f817015944c85fe

SHA-256:
719a916d8b613914d0300e6d4edae4a2ecb0865100296acad98df9f024949d9f

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
11/30/2024 3:49:19 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.GenericKD.2432577 | 222 |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| AhnLab V3 Security | Malware/Win32.Generic | 2015.11.25 |
| Avira AntiVirus | TR/Agent.510464.44 | 8.3.2.4 |
| Arcabit | Trojan.Generic.D251E41 | 1.0.0.624 |
| avast! | Win32:Malware-gen | 2014.9-160627 |
| Baidu Antivirus | Trojan.Win32.Generic | 4.0.3.16627 |
| Bitdefender | Trojan.GenericKD.2432577 | 1.0.20.895 |
| Bkav FE | W32.Clodf08.Trojan | 1.3.0.7383 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2432577 | 8.16.06.27.02 |
| Fortinet FortiGate | W32/Generic!tr | 6/27/2016 |
| F-Secure | Trojan.GenericKD.2432577 | 11.2016-27-06_2 |
| G Data | Trojan.GenericKD.2432577 | 16.6.25 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.9.5.0 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-5 |
| McAfee | Artemis!E87F0631AF58 | 5600.6356 |
| MicroWorld eScan | Trojan.GenericKD.2432577 | 17.0.0.537 |
| nProtect | Trojan.GenericKD.2432577 | 15.11.25.01 |
| Panda Antivirus | Trj/Chgt.O | 16.06.27.02 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1077 |
| Quick Heal | Trojan.Generic.r4 | 6.16.14.00 |

File size:
498.5 KB (510,464 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © Smart Binary Bot 2015

Original file name:
Update SBBot.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\update sbbot.exe

File PE Metadata
Compilation timestamp:
5/3/2015 1:36:58 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:E6xByoICwcvLo8cDaWEGdhALFkkkkkkkOYRVPbC:E6iYcaWEGdI0RV

Entry address:
0x57A0E

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Entropy:
6.7167

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
343 KB (351,232 bytes)

The file Update SBBot.exe has been seen being distributed by the following URL.
