e790.tmp

The file e790.tmp has been detected as a potentially unwanted program by 20 anti-malware scanners.
MD5: b14bf3172684117b77d274bbb4b00b85

SHA-1: 0503188af5a22d3a281073f4cd05cb64396ec503

SHA-256: dd90dd89fee62d9f9441bec11d73f2a95b2788ad3587e322efab99cc46037fa1

Scanner detections: 20 / 68

Status: Potentially unwanted

Analysis date: 4/26/2024 10:33:01 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Agnitum Outpost | Trojan.PR.Bunitu | 7.1.1 |
| avast! | Win32:Malware-gen | 2014.9-150302 |
| AVG | Proxy | 2016.0.3183 |
| Baidu Antivirus | Backdoor.Win32.Androm | 4.0.3.1532 |
| Bkav FE | W32.VejakiH.Trojan | 1.3.0.6379 |
| Dr.Web | Trojan.DownLoad3.35002 | 9.0.1.061 |
| ESET NOD32 | Win32/Injector.BUHT trojan | 9.7.0.302.0 |
| Fortinet FortiGate | W32/BUHT!tr | 3/2/2015 |
| IKARUS anti.virus | Trojan.Win32.Injector | t3scan.1.8.6.0 |
| K7 AntiVirus | Unwanted-Program | 13.197.15038 |
| Kaspersky | Backdoor.Win32.Androm | 14.0.0.2410 |
| Malwarebytes | Trojan.Agent.ED | v2015.03.02.12 |
| McAfee | Trojan.Generic-FAVY!690D2AFEA2F7 | 5600.6839 |
| Microsoft Security Essentials | Threat.Undefined | 1.193.407.0 |
| NANO AntiVirus | Trojan.Win32.DownLoad3.dnqgmr | 0.30.0.296 |
| Panda Antivirus | Trj/Chgt.O | 15.03.02.12 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 15.3.2.0 |
| Sophos | Mal/Generic-S | 4.98 |
| Total Defense | Win32/Tnega.DGBGXVC | 37.0.11453 |
| VIPRE Antivirus | Threat.4150696 | 37588 |

File size: 93.6 KB (95,841 bytes)

Language: English (United States)

Common path: C:\windows\temp\e790.tmp

File PE Metadata
Compilation timestamp: 1/30/2015 1:24:12 PM

OS version: 4.0

OS bitness: Win32

Subsystem: Windows GUI

Linker version: 6.1

.NET CLR dependent: Yes

CTPH (ssdeep): 1536:rYfgGGRp1F42JfS5wUM4PTUbWd+e3aP56Uk+xUZyJ7M:rggGOp1F4ZwNLeKP55HUUtM

Entry address: 0x298C

Entry point: 55, 8B, EC, 6A, FF, 68, 60, 37, 40, 00, 68, 16, 2C, 40, 00, 64, A1, 00, 00, 00, 00, 50, 64, 89, 25, 00, 00, 00, 00, 83, EC, 68, 53, 56, 57, 89, 65, E8, 33, DB, 89, 5D, FC, 6A, 02, 5F, 57, FF, 15, BC, 57, 40, 00, 59, 83, 0D, E8, 41, 40, 00, FF, 83, 0D, EC, 41, 40, 00, FF, FF, 15, 00, 58, 40, 00, 8B, 0D, DC, 41, 40, 00, 89, 08, FF, 15, D0, 57, 40, 00, 8B, 0D, D8, 41, 40, 00, 89, 08, A1, D4, 57, 40, 00, 8B, 00, A3, E4, 41, 40, 00, E8, 06, 02, 00, 00, 39, 1D, E0, 40, 40, 00, 75, 0C, 68, 00, 2C, 40, 00, FF, 15...

Entropy: 6.8292

Developed / compiled with: Microsoft Visual C++ v6.0

Code size: 8 KB (8,192 bytes)
