b59a.tmp

The file b59a.tmp has been detected as malware by 30 anti-virus scanners.
MD5:
eba4a52c1939925953ce0e62190ad5bb

SHA-1:
4b100b5786c5d46ad274535e28bfdbe59201c663

SHA-256:
c86eeb22e6484a5f1b99d6e0bd94ab5feca2d4e0f2c4f37a0c1dca808663e21f

Scanner detections:
30 / 68

Status:
Malware

Analysis date:
4/30/2024 2:26:34 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2727834 | 474 |
| Agnitum Outpost | Trojan.DL.Blocrypt | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.MDA | 2015.10.17 |
| Avira AntiVirus | W32/Ramnit.A | 7.11.30.172 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-151018 |
| AVG | Inject3 | 2016.0.2987 |
| Baidu Antivirus | Trojan.Win32.InfoStealer.pswxtn | 4.0.3.151018 |
| Bitdefender | Trojan.GenericKD.2727834 | 1.0.20.1455 |
| Dr.Web | Trojan.PWS.Stealer.13052 | 9.0.1.0291 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2727834 | 8.15.10.18.02 |
| ESET NOD32 | Win32/PSW.Fareit | 9.12420 |
| Fortinet FortiGate | W32/Tepfer.G!tr.pws | 10/18/2015 |
| F-Secure | Trojan.GenericKD.2727834 | 11.2015-18-10_1 |
| G Data | Trojan.GenericKD.2727834 | 15.10.25 |
| IKARUS anti.virus | Trojan.Win32.PSW | t3scan.1.9.5.0 |
| K7 AntiVirus | Trojan-Downloader | 13.211.17566 |
| Kaspersky | Trojan-PSW.Win32.Tepfer.pswxtn | 14.0.0.1257 |
| McAfee | Artemis!EBA4A52C1939 | 5600.6608 |
| Microsoft Security Essentials | Trojan:Win32/Dynamer!ac | 1.1.12101.0 |
| MicroWorld eScan | Trojan.GenericKD.2727834 | 16.0.0.873 |
| NANO AntiVirus | Trojan.Win32.Stealer.dwwrkc | 0.30.26.3947 |
| nProtect | Trojan.GenericKD.2727834 | 15.10.16.01 |
| Qihoo 360 Security | HEUR/QVM08.0.Malware.Gen | 1.0.0.1015 |
| Quick Heal | Trojan.Dyname.r4 | 10.15.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_MOSERAN.BMC | 7.2.291 |
| Trend Micro | TROJ_MOSERAN.BMC | 10.465.18 |
| Vba32 AntiVirus | TrojanPSW.Tepfer | 3.12.26.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 44584 |
| Zillya! Antivirus | Trojan.Tepfer.Win32.83121 | 2.0.0.2452 |

File size:
102.4 KB (104,819 bytes)

Common path:
C:\users\{user}\appdata\local\temp\b59a.tmp

File PE Metadata
Compilation timestamp:
9/14/2015 2:27:40 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
7.10

CTPH (ssdeep):
1536:JM1XGRgaxZjecla78aVLxRb8GhluCmKWE3HZV:J3Rbla78arplh4HkH

Entry address:
0x17CA

Entry point:
6A, 18, 68, 38, 71, 40, 00, E8, 16, 20, 00, 00, BF, 94, 00, 00, 00, 8B, C7, E8, 6E, 21, 00, 00, 89, 65, E8, 8B, F4, 89, 3E, 56, FF, 15, 24, 70, 40, 00, 8B, 4E, 10, 89, 0D, F8, A8, 40, 00, 8B, 46, 04, A3, 04, A9, 40, 00, 8B, 56, 08, 89, 15, 08, A9, 40, 00, 8B, 76, 0C, 81, E6, FF, 7F, 00, 00, 89, 35, FC, A8, 40, 00, 83, F9, 02, 74, 0C, 81, CE, 00, 80, 00, 00, 89, 35, FC, A8, 40, 00, C1, E0, 08, 03, C2, A3, 00, A9, 40, 00, 33, FF, 57, FF, 15, 0C, 70, 40, 00, 66, 81, 38, 4D, 5A, 75, 1F, 8B, 48, 3C, 03, C8, 81...
 

Entropy:
5.6835

Developed / compiled with:
Microsoft Visual C++ v7.0

Code size:
24 KB (24,576 bytes)
