» 67c7.tmp
Overview
Analysis
File Details

67c7.tmp

The file 67c7.tmp has been detected as malware by 12 anti-virus scanners.

File name:

67c7.tmp

MD5:

eb3a4212b61444ec8a7c41ce24403cdf

SHA-1:

ff15351d6f97b15884897b8426e27ea5e73a65be

SHA-256:

c96bdb9ac8eeb0f8e826b7aa886f58dd79b0100e5935c67f495c219c06c1cfbb

Scanner detections:

12 / 68

Status:

Malware

Analysis date:

4/19/2024 1:17:41 PM UTC (today)

Scan engine

Detection

Engine version

AhnLab V3 Security

Trojan/Win32.Tibs

2012.04.03

Avira AntiVirus

TR/Crypt.XPACK.Gen2

7.11.26.206

avast!

Win32:Malware-gen

2014.9-160215

AVG

Generic27

2017.0.2832

Dr.Web

Trojan.Packed.194

9.0.1.046

Emsisoft Anti-Malware

Trojan.Win32.Tibs!IK

8.16.02.15.07

ESET NOD32

Win32/Kryptik.BG (variant)

10.7021

G Data

Win32:Malware-gen

16.2.22

IKARUS anti.virus

Trojan.Win32.Tibs

t3scan.1.1.118.0

McAfee

Generic.dx!bd3k

5600.6488

Microsoft Security Essentials

Trojan:Win32/Tibs.IT

1.163.1557.0

VIPRE Antivirus

Trojan.Win32.Generic

11740

File size:

610 KB (624,640 bytes)

Common path:

C:\windows\temp\67c7.tmp

File PE Metadata

Compilation timestamp:

3/26/2012 5:11:42 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

6144:zlVW9C/UdwhOPqbrFdJnOf5j9E4woh2spUk1GC5RbA6XizUMG7K2:ZGC/UdwHTJnOfRu4RHP4FIN7

Entry address:

0x107D9

Entry point:

B8, FF, FF, FF, FF, 40, 39, C1, 74, 11, 09, D2, 75, 04, 89, D3, EB, 0B, 69, 5A, 04, 22, 14, 67, 07, EB, 02, 89, CB, 29, C0, 50, B8, FC, E1, 41, 00, FF, 10, 8B, 50, 04, 8B, 40, 10, 39, C2, 74, 13, 6A, 00, 6A, 00, 6A, 00, 6A, 00, B8, D4, E0, 41, 00, FF, 10, 39, D0, 74, 01, C3, 55, 89, E5, 83, EC, 10, C7, 45, F0, 55, E2, 05, 00, C7, 45, F4, 3E, E6, 05, 00, C7, 45, F8, 67, 29, 3B, 00, C7, 45, FC, 5A, 2D, 3B, 00, 8D, 45, F0, 50, 6A, 00, B8, BC, E1, 41, 00, FF, 10, 83, F8, 44, 74, 05, E8, 2C, 00, 00, 00, C9, FF... 
[+]

Entropy:

4.6909

Code size:

112.5 KB (115,200 bytes)

Remove 67c7.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.