» 7ea5.tmp
Overview
Analysis
File Details

7ea5.tmp

The file 7ea5.tmp has been detected as malware by 20 anti-virus scanners.

File name:

7ea5.tmp

MD5:

2509c1662cb8c720eef9e6501c827b2d

SHA-1:

a7ef843c559098a722f9ae596426c81c5cb864d1

SHA-256:

53a8bfb04c23c039fc468311cf547dcc1a8e40a1825fadbd34ba62e6cb981b6e

Scanner detections:

20 / 68

Status:

Malware

Analysis date:

4/24/2024 12:00:15 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Graftor.168604

6205011

avast!

Win32:Malware-gen

2014.9-141221

AVG

Crypt3

2015.0.3255

Baidu Antivirus

Trojan.Win32.Kryptik

4.0.3.141221

Bitdefender

Gen:Variant.Graftor.168604

1.0.20.1770

Bkav FE

HW32.Packed

1.3.0.6267

Emsisoft Anti-Malware

Gen:Variant.Graftor.168604

9.0.0.4668

ESET NOD32

Win32/Kryptik.CTMX trojan

7.0.302.0

F-Secure

Gen:Variant.Graftor.168604

5.13.68

G Data

Gen:Variant.Graftor.168604

14.12.24

Kaspersky

Trojan-PSW.Win32.Tepfer

14.0.0.2760

Malwarebytes

Trojan.Vawtrak

v2014.12.20.08

MicroWorld eScan

Gen:Variant.Graftor.168604

15.0.0.1062

Norman

Gen:Variant.Graftor.168604

04.12.2014 14:30:06

nProtect

Trojan.GenericKD.2036865

14.12.19.01

Panda Antivirus

Generic Suspicious

14.12.21.11

Qihoo 360 Security

Malware.QVM10.Gen

1.0.0.1015

Reason Heuristics

Threat.Win.Reputation.IMP

14.12.21.23

Trend Micro House Call

PAK_Generic.005

7.2.354

Trend Micro

PAK_Generic.005

10.465.20

File size:

60 KB (61,440 bytes)

Common path:

C:\users\{user}\appdata\local\temp\7ea5.tmp

File PE Metadata

Compilation timestamp:

12/16/2014 10:00:33 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

1536:YwwjzUnypBLuE+eB9tK2eRvlwtr5cRpFCX:bwfUyXLOd2eUR5cRpoX

Entry address:

0x5E5B8

Entry point:

E8, 11, 32, 00, 00, E9, 79, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 28, C1, 45, 00, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 2C, C1, 45, 00, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 4E, 20, 00, 00, 85, C0, 75, 06, B8, 90, C2, 45, 00, C3, 83, C0, 08, C3, 8B, FF, 55, 8B, EC, 33, C0, 39, 45, 08, 6A, 00, 0F, 94, C0, 68, 00, 10, 00, 00, 50, FF, 15, 24, C0, 45, 00, A3, 8C, 5C, 46, 00, 85... 
[+]

Entropy:

6.0695

Code size:

44 KB (45,056 bytes)

Remove 7ea5.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.