3dea.tmp

The file 3dea.tmp has been detected as malware by 28 anti-virus scanners.
MD5:
d33fd9c4c78d7a71a764d2fd50f17c93

SHA-1:
77694eefd0f971212936eb0003ee985464230624

SHA-256:
42dbd99570105fdfbd4f44155d889978b30c4f27bbc6d09afe5cac788e549e28

Scanner detections:
28 / 68

Status:
Malware

Analysis date:
4/26/2024 2:24:02 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2487410 | 577 |
| Agnitum Outpost | Backdoor.Papras | 7.1.1 |
| Avira AntiVirus | TR/Crypt.ZPACK.15224 | 8.3.1.6 |
| Arcabit | Trojan.Generic.D25F472 | 1.0.0.425 |
| avast! | Win32:Malware-gen | 2014.9-150707 |
| AVG | Win32/Heim | 2016.0.3055 |
| Baidu Antivirus | Backdoor.Win32.Papras | 4.0.3.1577 |
| Bitdefender | Trojan.GenericKD.2487410 | 1.0.20.940 |
| Bkav FE | HW32.Packed | 1.3.0.6379 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2487410 | 8.15.07.07.03 |
| ESET NOD32 | Win32/PSW.Papras.DT | 9.11818 |
| Fortinet FortiGate | W32/Papras.DT!tr.pws | 7/7/2015 |
| F-Secure | Trojan.GenericKD.2487410 | 11.2015-07-07_3 |
| G Data | Trojan.GenericKD.2487410 | 15.7.25 |
| IKARUS anti.virus | Trojan.Win32.PSW | t3scan.1.9.5.0 |
| K7 AntiVirus | Password-Stealer | 13.205.16308 |
| Kaspersky | Backdoor.Win32.Papras | 14.0.0.1772 |
| Malwarebytes | Trojan.Agent.ED | v2015.07.07.03 |
| McAfee | RDN/Generic PWS.y!b2g | 5600.6711 |
| Microsoft Security Essentials | Backdoor:Win32/Vawtrak.F | 1.1.11701.0 |
| MicroWorld eScan | Trojan.GenericKD.2487410 | 16.0.0.564 |
| NANO AntiVirus | Trojan.Win32.ZPACK.dstqux | 0.30.24.2086 |
| nProtect | Trojan.GenericKD.2487410 | 15.06.19.01 |
| Panda Antivirus | Generic Suspicious | 15.07.07.03 |
| Qihoo 360 Security | Win32/Trojan.21b | 1.0.0.1015 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | Suspicious_GEN.F47V0614 | 7.2.188 |
| VIPRE Antivirus | Trojan.Win32.Generic | 41316 |

File size:
360.3 KB (368,986 bytes)

Common path:
C:\users\{user}\appdata\local\temp\3dea.tmp

File PE Metadata
Compilation timestamp:
10/1/2002 11:20:02 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:TVUykVMKmcltsC2IjRg1QFOiFfBVtAo/mzDllyc9N+UMqnu5TJR7XKxR/:T3rcltzT9BVtAt0KwTbKxR/

Entry address:
0x419B

Entry point:
FF, 15, 5C, 10, 00, 10, 83, F8, 49, 74, 10, 68, BA, 13, 00, 10, 68, D0, 9E, 05, 10, FF, 15, 4C, 10, 00, 10, C7, 05, A4, 8E, 00, 10, 2C, 00, 00, 00, 83, 3D, A4, 8E, 00, 10, 00, 7E, 20, 68, AC, 13, 00, 10, FF, 15, 40, 10, 00, 10, 66, A3, C4, 9E, 05, 10, A1, A4, 8E, 00, 10, 83, E8, 02, A3, A4, 8E, 00, 10, EB, D7, 6A, 16, 68, 94, 13, 00, 10, 6A, 16, 68, 7C, 13, 00, 10, 6A, 02, 68, 00, 04, 00, 00, FF, 15, 54, 10, 00, 10, A3, C0, 9E, 05, 10, 68, 18, 42, 00, 10, 33, C9, 33, D2, E8, 69, 04, 00, 00, C3, 55, 8B, EC...
 

Entropy:
7.3733

Code size:
25 KB (25,600 bytes)
