susbav.exe file report

» File
File Details
Overview
Analysis

ThreatInfo file report

susbav.exe

Verdict Undefined

MD5 46ea3dcc82691fb28ed761f7c0b42e44

Latest seen 2022-01-16 21:41:22 (4 years ago)

First seen 2021-04-17 20:05:25 (5 years ago)

Size 4 MB

Product USB-AV Antivirus Service

Analyst brief

What this report says

ThreatInfo has not assigned a final verdict to susbav.exe. The metadata below can still help compare the file identity, origin, and observed behavior against a copy found on a device.

This page combines the detection verdict with file identity, publisher metadata, alternate names, observed paths, geography, OS signals, and PE details so the report reads as a triage record rather than a standalone download page.

Why it matters

Evidence available for this file

Detection

No final classification is available yet.

Timeline

First seen 2021-04-17 20:05:25 (5 years ago); latest analysis 2022-01-16 21:41:22 (4 years ago).

Publisher context

Product metadata: USB-AV Antivirus Service.

Recommended action

What to do next

Use the hash and metadata below to verify the exact file identity.
Review publisher, signature, paths, and PE details for inconsistencies.
Run a local scan if the file appears unexpectedly or starts with Windows.

File context

susbav.exe is a Windows file recorded in the ThreatInfo database. It is associated with USB-AV Antivirus Service. The current detection status is Undefined, based on the latest analysis from 2022-01-16 21:41:22 (4 years ago).

ThreatInfo does not have a final classification for this file yet. Use the technical details below to compare the hash, size, signature, and observed locations with the copy found on your device.

File Details

Main Info:

Product Name:	USB-AV Antivirus Service
MD5:	46ea3dcc82691fb28ed761f7c0b42e44
Size:	4 MB
First Published:	2021-04-17 20:05:25 (5 years ago)
Latest Published:	2022-01-16 21:41:22 (4 years ago)

Analysis:

Status:	Undefined (on last analysis)
Analysis Date:	2022-01-16 21:41:22 (4 years ago)

Geography:

	50.0%
	50.0%

The strongest geographic signal for this file is Cuba with 50.0% of observed hits. Geographic distribution can help identify targeted campaigns, regional software bundles, or where a file is most commonly reported.

OS Version:

Windows 10	50.0%
Windows 7	50.0%

The most common operating system signal for susbav.exe is Windows 10 with 50.0% of observed hits. If your system differs from the common profile, check whether the file was introduced by a specific installer, archive, or removable device.

Analysis

PE Info:

susbav.exe is identified as pe for 32 systems. The subsystem is Windows GUI. PE header values are useful for triage, especially when they do not match the expected publisher, product, or release timeline.

Subsystem:	Windows GUI
PE Type:	pe
OS Bitness:	32
Image Base:	0x00400000
Entry Address:	0x00002754

PE Sections:

Name	Size of data	MD5
.text	3785728	19dd74f59f5d0e07ac968e8a6b402d32
.data	81920	63cf6e44665e8a3dfcc8fb2620dc910a
.tls	512	1f25a0cd7df68924795075436fc8f504
.rdata	512	4fbb58f2b1c047affeba3997738a0c83
.idata	14336	d150aea0a88f6be649f8edaf9a99aaac
.didata	2560	48ccdfbf29580f3f4209a6c9e441e55e
.edata	1024	2ca9763cef9bb8cc18e38480df0b83a6
.rsrc	77824	ee079ec355109a3fa29b1f99bcfa9aef
.reloc	318976	0e4db55dc011f4d90941d0f8a4a55d4c

PE section names and hashes can reveal packing, injected resources, or unusual build artifacts. Sections with uncommon names, very large raw data, or hashes that differ from a trusted copy deserve additional review.

More information:

Search on Virustotal

copyright for information about susbav.exe