vcsvc.exe

windows player

The application vcsvc.exe has been detected as a potentially unwanted program by 12 anti-malware scanners. While running, it connects to the Internet address static.88-198-241-107.clients.your-server.de on port 80 using the HTTP protocol.
Product:
windows player

Version:
1, 0, 0, 3

MD5:
2119cde8cf15f0f5a44c7aac0d5a074e

SHA-1:
4793630fe9adc5e080761483f75fe33e010104fa

SHA-256:
f027c725e67736b45a808ba5456b790c7310488df1b8fba3807f23f4d8daf7f4

Scanner detections:
12 / 68

Status:
Potentially unwanted

Analysis date:
11/25/2024 7:32:41 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Graftor.154396 | 844 |
| AhnLab V3 Security | PUP/Win32.Generic | 2014.10.14 |
| Baidu Antivirus | Adware.Win32.SquareNet | 4.0.3.141013 |
| Bitdefender | Gen:Variant.Graftor.154396 | 1.0.20.1430 |
| Dr.Web | Adware.Downware.8433 | 9.0.1.0286 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.154396 | 8.14.10.13.06 |
| ESET NOD32 | Win32/SquareNet (variant) | 8.10556 |
| F-Secure | Gen:Variant.Graftor.154396 | 11.2014-13-10_2 |
| G Data | Gen:Variant.Graftor.154396 | 14.10.24 |
| IKARUS anti.virus | PUA.SquareNet | t3scan.1.7.8.0 |
| McAfee | Artemis!2119CDE8CF15 | 5600.6978 |
| MicroWorld eScan | Gen:Variant.Graftor.154396 | 15.0.0.858 |

File size:
348 KB (356,352 bytes)

Product version:
1, 0, 0, 3

Copyright:
Copyright 2003

Original file name:
player.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\ProgramData\application data\apsvctask\vcsvc.exe

File PE Metadata
Compilation timestamp:
10/11/2014 4:34:27 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:+Q4MmH4l99pyzNvgY0jRpW5AVJ4c/+YXPyENCkfLvOW18DYvqggvxZJ:h4MmHC9pOhgY0z1J4c/+Y/yENCkfiW1E

Entry address:
0x2FA59

Entry point:
E8, 3C, B0, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, EC, 10, 53, 56, FF, 75, 10, 8D, 4D, F0, E8, 67, D0, FF, FF, 8B, 5D, 08, 33, F6, 3B, DE, 75, 2F, E8, 2E, 27, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, B3, D4, FF, FF, 83, C4, 14, 80, 7D, FC, 00, 74, 07, 8B, 45, F8, 83, 60, 70, FD, B8, FF, FF, FF, 7F, E9, C0, 00, 00, 00, 57, 8B, 7D, 0C, 3B, FE, 75, 2F, E8, F7, 26, 00, 00, 56, 56, 56, 56, 56, C7, 00, 16, 00, 00, 00, E8, 7C, D4, FF, FF, 83, C4, 14, 80, 7D, FC, 00, 74, 07, 8B, 45, F8...
 

Entropy:
6.4718

Code size:
275 KB (281,600 bytes)

The running file has been observed making the following network connections in live environments.

TCP (HTTP):
Connects to static.88-198-241-107.clients.your-server.de  (88.198.241.107:80)
