deletetemp.exe

The executable deletetemp.exe has been detected as malware by 13 anti-virus scanners.
Remove deletetemp.exe - Powered by Reason Core Security
MD5:
7409e1941a37b791fa4f038a9876f12a

SHA-1:
8a8efb9b8dae2632ae2ae570733fb7a1496d6c37

SHA-256:
c72c84ace9feb58e8473d6c2c4e8a7afb8ff2a4de353b51609eb4317653e6225

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
12/11/2016 5:19:16 AM UTC

Scan engine             Detection                         Engine version
Lavasoft Ad-Aware       Gen:Trojan.Heur2.FU.eiW@a4vZRNb   969
Avira AntiVirus         TR/Crypt.XPACK.Gen                7.11.30.172
avast!                  Win32:Patched-YH [Trj]            140608-0
Bitdefender             Gen:Trojan.Heur2.FU.eiW@a4vZRNb   1.0.20.805
ByteHero BDV            Trojan-Dropper.win32.Agent.a      6.10.2014.10
Commtouch SDK           W32/Virut.AI!Generic              5.4.1.7
Emsisoft Anti-Malware   Gen:Trojan.Heur2.FU.eiW@a4vZRNb   8.14.06.10.06
F-Prot                  W32/Virut.AI!Generic              4.6.5.141
F-Secure                Gen:Trojan.Heur2.FU.eiW@a4vZRNb   11.2014-10-06_3
G Data                  Gen:Trojan.Heur2.FU.eiW@a4vZRNb   14.6.24
IKARUS anti.virus       Trojan.Win32.Ertfor               t3scan.1.6.1.0
MicroWorld eScan        Gen:Trojan.Heur2.FU.eiW@a4vZRNb   15.0.0.483
NANO AntiVirus          Virus.Win32.Virut-Gen.bwpxnc      0.28.0.60253

File size:
64 KB (65,536 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\deletetemp.exe

File PE Metadata
Compilation timestamp:
4/11/2008 10:48:25 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
1536:ZlY8n7Fgy6/UzhDTzN9BkdtS6VHLmDvcMe3/Uy:Zl1gy6s/9BkSaHLmDvcxUy

Entry address:
0x289F

Entry point:
68, F0, 00, 00, 00, 68, D8, 12, 40, 00, E8, C2, 10, 00, 00, C7, 85, 54, FF, FF, FF, 94, 00, 00, 00, 8D, 85, 54, FF, FF, FF, 50, FF, 15, 98, 10, 40, 00, 8B, 95, 64, FF, FF, FF, 89, 15, B4, 88, 40, 00, 8B, 85, 58, FF, FF, FF, A3, C0, 88, 40, 00, 8B, B5, 5C, FF, FF, FF, 89, 35, C4, 88, 40, 00, 8B, 8D, 60, FF, FF, FF, 81, E1, FF, 7F, 00, 00, 89, 0D, B8, 88, 40, 00, 83, FA, 02, 74, 0C, 81, C9, 00, 80, 00, 00, 89, 0D, B8, 88, 40, 00, C1, E0, 08, 03, C6, A3, BC, 88, 40, 00, 33, F6, 56, 8B, 3D, 8C, 10, 40, 00, FF...

Entropy:
6.6473

Code size:
28 KB (28,672 bytes)
