dat2b65.tmp.exe

Microsoft C++ Runtime Library

j3d.java.com

The executable dat2b65.tmp.exe has been detected as malware by 26 anti-virus scanners.
Publisher:
j3d.java.com  (signed and verified)

Product:
Microsoft® C++ Runtime Library

Version:
7,0,9466,0

MD5:
4ba5b768e9de50b791422fad6fef05a9

SHA-1:
2a80ffbb8c20cce8acc68cb28489efba3f9105d0

SHA-256:
5b32a5a0c73aef7916ac49fcdc8e92e2b7f98e810979cb6f12b59d988dd0b05e

Scanner detections:
26 / 68

Status:
Malware

Analysis date:
4/27/2024 3:37:14 AM UTC  (today)

Scan engine                    Detection                        Engine version
AhnLab V3 Security             Win-Trojan/Agent.115592.B        2012.04.26
Avira AntiVirus                TR/Dropper.Gen                   7.11.28.174
avast!                         Win32:Malware-gen                2014.9-140131
AVG                            Generic27                        2015.0.3578
Bitdefender                    Gen:Trojan.Heur.FU.hu1@a834!tmi  1.0.20.155
Comodo Security                UnclassifiedMalware              12156
Dr.Web                         BackDoor.Siggen.39630            9.0.1.031
Emsisoft Anti-Malware          Backdoor.Win32.Kbot!IK           8.14.01.31.01
ESET NOD32                     Win32/Kryptik.ABFD (variant)     8.7088
Fortinet FortiGate             W32/Palevo.BAT!tr                1/31/2014
F-Secure                       Gen:Trojan.Heur.FU.hu1@a834!tmi  11.2014-31-01_6
G Data                         Gen:Trojan.Heur.FU.hu1@a834!tmi  14.1.22
IKARUS anti.virus              Backdoor.Win32.Kbot              t3scan.1.1.118.0
K7 AntiVirus                   Riskware                         13.138.6750
Kaspersky                      Trojan.Win32.Scar                14.0.0.4385
McAfee                         Generic.jp                       5600.7234
Microsoft Security Essentials  TrojanDownloader:Win32/Phdet.E   1.163.1557.0
Norman                         W32/Troj_Generic.AFVCI           11.20140131
Panda Antivirus                Generic Trojan                   14.01.31.01
Quick Heal                     TrojanDownloader.Phdet           1.14.12.00
Reason Heuristics              Unnamed.Threat.30                14.3.6.21
Sophos                         Mal/Generic-L                    4.73 TP
Trend Micro House Call         TROJ_TEDROO.SMB                  7.2.31
Trend Micro                    TROJ_TEDROO.SMB                  10.465.31
Vba32 AntiVirus                Trojan.Scar.gbeq                 3.12.16.4
VIPRE Antivirus                Trojan.Win32.Generic             11841

File size:
112.9 KB (115,592 bytes)

Product version:
7,0,9466,0

Copyright:
Software Inc

Original file name:
setup.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\windows\temp\dat2b65.tmp.exe

Digital Signature
Signed by:

Authority:
Root Agency

Valid from:
2/19/2012 8:26:09 PM

Valid to:
1/1/2040 12:59:59 AM

Subject:
CN=j3d.java.com

Issuer:
CN=Root Agency

Serial number:
955F8D80742A39BF4EEC01F04E2B8C46

File PE Metadata
Compilation timestamp:
2/24/2012 1:24:56 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.10

CTPH (ssdeep):
1536:MnIFW2FBoQsN8OlkZ8BK8WnOG3ndMjkFfczuJ27QG0QW0MHmDx7s/0DShKV3:MAQMFxdawfczuJ27lkFGDxDZV3

Entry address:
0x8D80

Entry point:
55, 8B, EC, 83, EC, 48, 57, C7, 45, F4, BE, 00, 00, 00, C7, 45, F8, 32, 00, 00, 00, 8B, 45, F8, 0F, AF, 45, F4, 89, 45, F8, C7, 45, FC, 00, 00, 00, 00, C7, 45, E4, 01, 00, 00, 00, 83, 7D, 0C, 01, 0F, 84, 28, 05, 00, 00, C7, 45, E0, 1F, 00, 00, 00, 8B, 4D, E0, 81, C9, 9E, 00, 00, 00, 0F, 84, CF, 01, 00, 00, 8B, 55, F8, 3B, 55, E0, 0F, 8C, C3, 01, 00, 00, 8B, 45, F8, 3B, 45, F4, 0F, 8E, B7, 01, 00, 00, 81, 7D, F4, AE, 00, 00, 00, 7E, 0E, 8B, 4D, F4, 3B, 4D, F8, 7D, 06, 83, 7D, E0, 3E, 7F, 77, C7, 45, F4, DA...

Developed / compiled with:
Microsoft Visual C++

Code size:
40 KB (40,960 bytes)

Remove dat2b65.tmp.exe - Powered by Reason Core Security