» 5ma92a8.tmp
Overview
Analysis
File Details

5ma92a8.tmp

The file 5ma92a8.tmp has been detected as malware by 28 anti-virus scanners.

File name:

5ma92a8.tmp

MD5:

c87c1d3efcb1ed90aecdedff2bcc9ecc

SHA-1:

d5f61a52a6e8cbfba462b0136b891fe1fd8190db

SHA-256:

a562bf248785d5e0df51a4abd5426328346485d8f3d4d4563525b5630181ffe0

Scanner detections:

28 / 68

Status:

Malware

Analysis date:

4/25/2024 9:42:20 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Zusy.105473

835

Agnitum Outpost

Trojan.Kryptik

7.1.1

AhnLab V3 Security

Trojan/Win32.Necurs

2014.09.18

avast!

Win32:Malware-gen

2014.9-141022

AVG

SHeur4

2015.0.3313

Baidu Antivirus

Trojan.Win32.Cutwail

4.0.3.141022

Bitdefender

Gen:Variant.Zusy.105473

1.0.20.1475

Bkav FE

W32.AbirotJ.Trojan

1.3.0.4959

Dr.Web

Trojan.DownLoad.64914

9.0.1.0295

Emsisoft Anti-Malware

Gen:Variant.Zusy.105473

8.14.10.22.04

ESET NOD32

Win32/Kryptik.CKHI (variant)

8.10433

Fortinet FortiGate

W32/Cutwail.DZV!tr

10/22/2014

F-Secure

Gen:Variant.Zusy.105473

11.2014-22-10_4

G Data

Gen:Variant.Zusy.105473

14.10.24

IKARUS anti.virus

Trojan-Dropper.Win32.Cutwail

t3scan.1.7.8.0

Kaspersky

Trojan.Win32.Cutwail

14.0.0.3062

Malwarebytes

Trojan.Krypt

v2014.10.22.04

McAfee

Artemis!C87C1D3EFCB1

5600.6969

Microsoft Security Essentials

TrojanDropper:Win32/Cutwail.gen!K

1.11005

MicroWorld eScan

Gen:Variant.Zusy.105473

15.0.0.885

NANO AntiVirus

Trojan.Win32.Cutwail.denmvb

0.28.2.62151

Panda Antivirus

Trj/Genetic.gen

14.10.22.04

Qihoo 360 Security

Malware.QVM09.Gen

1.0.0.1015

Quick Heal

Trojan.Cutwail.r4

10.14.14.00

Sophos

Mal/Zbot-QL

4.98

SUPERAntiSpyware

Trojan.Agent/Gen-Dropper

10284

Trend Micro House Call

TROJ_GEN.R030C0DIH14

7.2.295

Trend Micro

TROJ_GEN.R030C0DIH14

10.465.22

File size:

112 KB (114,688 bytes)

Language:

Portuguese (Brazil)

Common path:

C:\users\{user}\appdata\local\temp\5ma92a8.tmp

File PE Metadata

Compilation timestamp:

9/2/2014 4:41:46 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

11.0

CTPH (ssdeep):

1536:1DHhge9OxzIS7EdVKmGfulm1rdi1RLscP3IH+Ljt:deFEdG2WH+Ljt

Entry address:

0xE9F7

Entry point:

E8, D8, 13, 00, 00, E9, 29, 74, 00, 00, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, CC, 00, 41, 40, 43, 42, 00, 65, 43, AF, C4, 70, 47, E8, 50, AC, 3C, C4, 28, 93, 40, 41, 0D, 0D, C5, 42, 18, 9E, 4A, FC, 6B, CD, CB, 41, 35, 0D, 40, CC, 00, 62, CC, 00, 48, 00, 40, 00, 00, CD, 44, 41, 40, 00, 34, 05, 43, 63, 42, F0, 3C, EF, 4B, 82, 15, C4, B8, C8, 34, 40, 40, 64, 34, AA, 2C, BC, 33, 21, 7B, C9, 41, BF, D5, 7A, 2E, 34, 14, 41, 2F, BF, C9, 00, 63, 48, 40, 62, CB, 00, 00, 0D, 00, CD, 44, 34, 40, BF... 
[+]

Entropy:

6.6284

Code size:

91.5 KB (93,696 bytes)

Remove 5ma92a8.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.