gfhdd4ew7a2g.tmp

The file gfhdd4ew7a2g.tmp has been detected as malware by 39 anti-virus scanners.
MD5:
38d6eb5672a223ab464dfd0e356738d7

SHA-1:
132e053dadf1fdcec3e4cc72060a2c5f667e6656

SHA-256:
e94c6ab4c3cddc905fc9f36205422eddff9e24badd0e200f6789a40862603a64

Scanner detections:
39 / 68

Status:
Malware

Analysis date:
4/26/2024 7:43:32 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Heur.Virtool.1 | 865 |
| Agnitum Outpost | Trojan.Injector | 7.1.1 |
| AhnLab V3 Security | Spyware/Win32.SpyEyes | 2014.09.21 |
| Avira AntiVirus | TR/Crypt.Agent.KIC | 7.11.173.132 |
| avast! | Win32:Tiny-AMS [Trj] | 2014.9-140922 |
| AVG | Dropper.Small | 2015.0.3343 |
| Baidu Antivirus | Worm.Win32.Palevo | 4.0.3.14922 |
| Bitdefender | Gen:Heur.Virtool.1 | 1.0.20.1325 |
| Bkav FE | W32.DorkbotPwsLnrA.Trojan | 1.3.0.4959 |
| Clam AntiVirus | Win.Trojan.Dropper-1824 | 0.98/21411 |
| Comodo Security | UnclassifiedMalware | 19565 |
| Dr.Web | Win32.HLLW.Lime.1739 | 9.0.1.0265 |
| Emsisoft Anti-Malware | Gen:Heur.Virtool | 8.14.09.22.01 |
| ESET NOD32 | Win32/Injector.JFP | 8.10444 |
| Fortinet FortiGate | W32/Malware_fam.NB | 9/22/2014 |
| F-Prot | W32/Dropper.BJIC | v6.4.7.1.166 |
| F-Secure | Gen:Heur.Virtool.1 | 11.2014-22-09_2 |
| G Data | Gen:Heur.Virtool | 14.9.24 |
| IKARUS anti.virus | Trojan-Dropper.Small | t3scan.1.7.8.0 |
| K7 AntiVirus | Trojan | 13.183.13432 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.3212 |
| Malwarebytes | Trojan.Small | v2014.09.22.01 |
| McAfee | PWS-Zbot.gen.ke | 5600.6999 |
| Microsoft Security Essentials | Worm:Win32/Dorkbot.T | 1.11005 |
| MicroWorld eScan | Gen:Heur.Virtool.1 | 15.0.0.795 |
| NANO AntiVirus | Trojan.Win32.DownLoad2.dughy | 0.28.2.62151 |
| Norman | Inject.AHHB | 11.20140922 |
| nProtect | Trojan/W32.Agent.3072.OV | 14.09.19.01 |
| Panda Antivirus | Trj/PWSteal.R | 14.09.22.01 |
| Qihoo 360 Security | Win32/Worm.P2P-Worm.b99 | 1.0.0.1015 |
| Quick Heal | Worm.Dorkbot.T4 | 9.14.14.00 |
| Sophos | W32/Autorun-BTM | 4.98 |
| Total Defense | Win32/Rimecud.DFR | 37.0.11190 |
| Trend Micro House Call | TROJ_SPNR.03L811 | 7.2.265 |
| Trend Micro | TROJ_SPNR.03L811 | 10.465.22 |
| Vba32 AntiVirus | Worm.Palevo | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 33284 |
| ViRobot | Worm.Win32.A.P2P-Palevo.3072.A | 2011.4.7.4223 |
| Zillya! Antivirus | Trojan.Dybalom.Win32.5501 | 2.0.0.1927 |

File size:
3 KB (3,072 bytes)

Common path:
C:\users\{user}\appdata\local\temp\gfhdd4ew7a2g.tmp

File PE Metadata
Compilation timestamp:
8/28/2011 2:10:06 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
24:ev1GScWb9U4FhCj4n+AHDw0jXoTCBixHmM9:qcwe4LeURDoTCB

Entry address:
0x11F2

Entry point:
6A, 01, 58, C2, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 56, 20, 00, 00, 68, 20, 00, 00, 48, 20, 00, 00, 00, 00, 00, 00, 38, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 7C, 20, 00, 00, 00, 20, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 56, 20, 00, 00, 68, 20, 00, 00, 48, 20, 00, 00, 00, 00, 00, 00, 7D, 00, 45, 78, 69, 74, 50, 72, 6F, 63, 65, 73, 73, 00, 3E, 01, 47, 65, 74, 50, 72, 6F, 63, 41, 64, 64, 72, 65, 73, 73, 00, 00, 26, 01, 47, 65, 74, 4D, 6F, 64, 75, 6C...
 

Code size:
512 Bytes (512 bytes)
