deletetemp.exe

The executable deletetemp.exe has been detected as malware by 11 anti-virus scanners.
Remove deletetemp.exe - Powered by Reason Core Security
MD5: ee97a3f520cf6cb4eeced51d4d7dd00c
SHA-1: ef3a800144ade31db4e2a0d26fc5c95acae48633
SHA-256: 6750864a4a7f2439906777e76e502cbe91348337db157ddc523104564696e258
Scanner detections: 11 / 68
Status: Malware
Analysis date: 12/6/2016 9:09:07 AM UTC (today)

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Trojan.Heur2.FU.eiW@a4vZRNb | 969 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 7.11.30.172 |
| Bitdefender | Gen:Trojan.Heur2.FU.eiW@a4vZRNb | 1.0.20.805 |
| ByteHero BDV | Trojan-Dropper.win32.Agent.a | 6.10.2014.10 |
| Commtouch SDK | W32/Virut.AI!Generic | 5.4.1.7 |
| Emsisoft Anti-Malware | Gen:Trojan.Heur2.FU.eiW@a4vZRNb | 8.14.06.10.06 |
| F-Prot | W32/Virut.AI!Generic | 4.6.5.141 |
| F-Secure | Gen:Trojan.Heur2.FU.eiW@a4vZRNb | 11.2014-10-06_3 |
| G Data | Gen:Trojan.Heur2.FU.eiW@a4vZRNb | 14.6.24 |
| MicroWorld eScan | Gen:Trojan.Heur2.FU.eiW@a4vZRNb | 15.0.0.483 |
| NANO AntiVirus | Virus.Win32.Virut-Gen.bwpxnc | 0.28.0.60253 |

File size: 64 KB (65,536 bytes)
File type: Executable application (Win32 EXE)
Common path: C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\deletetemp.exe

File PE Metadata
Compilation timestamp: 4/11/2008 10:48:25 PM
OS version: 4.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 7.0
CTPH (ssdeep): 1536:WlY8n7Fgy6/UzhDTzN9BkdCF3l5c0vtaRE5iVh:Wl1gy6s/9BkkF3lecai5i
Entry address: 0x289F

Entry point:
68, F0, 00, 00, 00, 68, D8, 12, 40, 00, E8, C2, 10, 00, 00, C7, 85, 54, FF, FF, FF, 94, 00, 00, 00, 8D, 85, 54, FF, FF, FF, 50, FF, 15, 98, 10, 40, 00, 8B, 95, 64, FF, FF, FF, 89, 15, B4, 88, 40, 00, 8B, 85, 58, FF, FF, FF, A3, C0, 88, 40, 00, 8B, B5, 5C, FF, FF, FF, 89, 35, C4, 88, 40, 00, 8B, 8D, 60, FF, FF, FF, 81, E1, FF, 7F, 00, 00, 89, 0D, B8, 88, 40, 00, 83, FA, 02, 74, 0C, 81, C9, 00, 80, 00, 00, 89, 0D, B8, 88, 40, 00, C1, E0, 08, 03, C6, A3, BC, 88, 40, 00, 33, F6, 56, 8B, 3D, 8C, 10, 40, 00, FF...
 

Entropy: 6.6481
Code size: 28 KB (28,672 bytes)
