» ~2A0A.tmp
Overview
Analysis
File Details

~2A0A.tmp

NTT DATA CORPORATION

The program is a setup application that uses the Self-extracting archive installer.

File name:

~2A0A.tmp

Publisher:

NTT DATA CORPORATION (signed and verified)

MD5:

d83866f8506555481e1326ba6993060f

SHA-1:

a262d179d7ad5e59eed4f433f64f74627339ae5b

SHA-256:

4d30ae4e7123e0561b86212df7f336a4c9da5c3d587a1a33191c5e23d96633b9

Scanner detections:

1 / 68

Status:

Inconclusive (not enough data for an accurate detection)

Analysis date:

7/13/2025 8:39:22 PM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Dropper.Gen

8.3.2.2

File size:

306.6 KB (314,000 bytes)

Installer:

Self-extracting archive

Common path:

C:\users\{user}\appdata\local\temp\~2a0a.tmp

Digital Signature

Signed by:

NTT DATA CORPORATION

Authority:

NTT DATA CORPORATION

Valid from:

11/8/2010 7:00:00 PM

Valid to:

11/8/2015 6:59:59 PM

Subject:

E=adfujiden@kih.biglobe.ne.jp, CN=KDEN(15/11/08)FUJISAKI TAKASI, T=KDEN000001, OU=Dept - KDEN000001, OU=Company Name - FUJIDEN, OU=EmployeeID - KDENA694, OU=TWINNET Public CA, O=NTT DATA CORPORATION

Issuer:

CN=TWINNET Public CA, O=NTT DATA CORPORATION, C=JP

Serial number:

7EBFC21D038348A1F49C26FB24581981

File PE Metadata

Compilation timestamp:

10/30/2010 9:05:50 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

7.10

CTPH (ssdeep):

6144:FY20AljuB28YZgqEPfS1fE1G5SDNTWmRPZzR6zIelqYG:FY20AljdZgBPfKfWNTLRPNR65AY

Entry address:

0x1D5DB

Entry point:

E8, 85, 63, 00, 00, E9, 78, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 8D, 45, 08, 50, 8B, F1, E8, 82, FC, FF, FF, C7, 06, 20, B2, 42, 00, 8B, C6, 5E, 5D, C2, 04, 00, C7, 01, 20, B2, 42, 00, E9, 37, FD, FF, FF, 8B, FF, 55, 8B, EC, 56, 8B, F1, C7, 06, 20, B2, 42, 00, E8, 24, FD, FF, FF, F6, 45, 08, 01, 74, 07, 56, E8, 4E, CA, FF, FF, 59, 8B, C6, 5E, 5D, C2, 04, 00, 8B, FF, 55, 8B, EC, 56, 57, 8B, 7D, 08, 8B, 47, 04, 85, C0, 74, 47, 8D, 50, 08, 80, 3A, 00, 74, 3F, 8B, 75, 0C, 8B, 4E, 04, 3B, C1, 74, 14, 83, C1, 08... 
[+]

Entropy:

7.1963

Code size:

161.5 KB (165,376 bytes)

Scan ~2A0A.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.