asulaunch.tmp

The file asulaunch.tmp has been detected as malware by 24 anti-virus scanners.

Publisher:
WEBPIC DESENVOLVIMENTO DE SOFTWARE LTDA

MD5:
4a06d21d3b62b7c9db0ba3430dcb1e29

SHA-1:
1aa71a8102ec2faaf8732726a30e8e00d6212362

SHA-256:
02bb8a48847f9d96f7dd39e19e8e5fe0612222413fd17c12209feb4db541e37f

Scanner detections:
24 / 68

Status:
Malware

Analysis date:
4/25/2024 2:01:10 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.PWS.Banker | 7.1.1 |
| AhnLab V3 Security | Malware/Win32.Generic | 2015.10.27 |
| Arcabit | Trojan.Strictor.DD709 | 1.0.0.585 |
| avast! | Win32:Banker-KTY [Trj] | 2014.9-160928 |
| AVG | Luhe.Fiha.A | 2017.0.2607 |
| Bitdefender | Gen:Variant.Strictor.55049 | 1.0.20.1360 |
| Comodo Security | UnclassifiedMalware | 23480 |
| Emsisoft Anti-Malware | Gen:Variant.Strictor.55049 | 8.16.09.28.05 |
| ESET NOD32 | Win32/Spy.Banker.AAWU (variant) | 10.12470 |
| Fortinet FortiGate | W32/Banker.BPKP!tr | 9/28/2016 |
| F-Secure | Gen:Variant.Strictor.55049 | 11.2016-28-09_4 |
| G Data | Gen:Variant.Strictor.55049 | 16.9.25 |
| IKARUS anti.virus | Trojan.SuspectCRC | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan | 13.212.17655 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.-471 |
| McAfee | GenericR-ATY!4A06D21D3B62 | 5600.6263 |
| MicroWorld eScan | Gen:Variant.Strictor.55049 | 17.0.0.816 |
| NANO AntiVirus | Trojan.Win32.Banker.cwujpr | 0.30.26.3947 |
| Panda Antivirus | Trj/CI.A | 16.09.28.05 |
| Quick Heal | TrojanBanker.Banker.r9 | 9.16.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_SPNV.01DG14 | 7.2.272 |
| Trend Micro | TROJ_SPNV.01DG14 | 10.465.28 |
| VIPRE Antivirus | Trojan.Win32.Generic | 44842 |

File size:
791.6 KB (810,592 bytes)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\asulaunch.tmp

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/5/2014 9:00:00 PM

Valid to:
3/6/2015 8:59:59 PM

Subject:
CN=WEBPIC DESENVOLVIMENTO DE SOFTWARE LTDA, O=WEBPIC DESENVOLVIMENTO DE SOFTWARE LTDA, STREET="RUA RUBIAO JUNIOR, 2386", STREET=PISO SUPERIOR, STREET=PARQUE INDUSTRIAL, L=SAO JOSE DO RIO PRETO, S=SAO PAULO, PostalCode=15025080, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0B0D17EC1449B4B2D38FCB0F20FBCD3A

File PE Metadata
Compilation timestamp:
4/3/2014 1:24:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:1RsIc4FIOmYPu3HcqKT22zIQBKn4QU1oWmQqjRG18Oa3yArWqnuFvmCYMVpk:PfmYPu3HLA3BiU1oWmQq1GGOaG+ugSk

Entry address:
0xA7B50

Entry point:
55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, 94, 67, 4A, 00, E8, AB, F4, F5, FF, 33, C0, 55, 68, 01, 7C, 4A, 00, 64, FF, 30, 64, 89, 20, A1, 94, DF, 4A, 00, 8B, 00, E8, D5, 87, FB, FF, A1, 94, DF, 4A, 00, 8B, 00, B2, 01, E8, 7F, A6, FB, FF, 8B, 0D, 40, DE, 4A, 00, A1, 94, DF, 4A, 00, 8B, 00, 8B, 15, DC, 78, 49, 00, E8, C7, 87, FB, FF, A1, 94, DF, 4A, 00, 8B, 00, C6, 40, 5B, 00, A1, 94, DF, 4A, 00, 8B, 00, E8, E8, 88, FB, FF, A1, 40, DE, 4A, 00, 8B, 00, 80, B8, 78, 03, 00, 00, 00, 74, 1F, 6A, 00, 8D, 55...
Developed / compiled with:
Microsoft Visual C++

Code size:
666.5 KB (682,496 bytes)
