2552.tmp

The file 2552.tmp has been detected as malware by 3 anti-virus scanners.

MD5:
99447c8bf3eeebab3c5557349468da8c

SHA-1:
f97038b03d72911f51afbc0901cbb2bc2887c6a4

SHA-256:
176c97c9d3fbef5fbf468d3f133949d5c0c1d99f2a1c5d9c042caf9e54bb6b41

Scanner detections:
3 / 68

Status:
Malware

Analysis date:
4/26/2024 2:51:42 PM UTC

Scan engine | Detection | Engine version
Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.2258
Reason Heuristics | Threat.Downloader.KY | 16.2.29.19
Sophos | Mal/Zbot-TQ | 4.98

File size:
104.9 KB (107,444 bytes)

Common path:
C:\users\{user}\appdata\local\temp\2552.tmp

File PE Metadata
Compilation timestamp:
3/22/2015 9:59:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
1536:G9moBE5cLS5J52g55VQcwnLJspw5AMOubIASd/Dk76A8N39OSE3ugAxtTkBiX6uV:smoBQ32gzVQcwnRdsASm76b7lhkQKudb

Entry address:
0x3CF4

Entry point:
55, 8B, EC, 6A, FF, 68, 38, 76, 40, 00, 68, 44, 3F, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 90, 25, 90, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, 10, A7, 40, 00, 59, 83, 90, 38, 96, 40, 00, FF, 83, 0D, 48, 96, 40, 00, FF, FF, 15, 20, A7, 40, 00, 8B, 0D, 24, 96, 40, 00, 89, 08, FF, 15, 30, A7, 40, 00, 8B, 0D, 20, 96, 40, 00, 89, 08, A1, 34, A7, 40, 00, 8B, 00, A3, 2C, 96, 40, 00, E8, CC, 01, 00, 00, 39, 1D, F0, 93, 40, 00, 75, 0C, 68, 2E, 3F, 40, 00, FF, 15...
 

Entropy:
6.4026

Developed / compiled with:
Microsoft Visual C++

Code size:
24 KB (24,576 bytes)
