gxke540.tmp

The file gxke540.tmp has been detected as malware by 31 anti-virus scanners.
MD5:
e44135d349a1e450f5f0c4637af07343

SHA-1:
138eff7b03a5e1e784aff13da875643005282619

SHA-256:
723deb272e7dfbffce439129bf8144633216c2bf79e1eecd58e74d39b3ae9827

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
4/24/2024 11:09:15 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Kazy.434060 | 835 |
| Agnitum Outpost | Trojan.PWS.Fareit | 7.1.1 |
| AhnLab V3 Security | Dropper/Win32.Necurs | 2014.09.04 |
| Avira AntiVirus | TR/Crypt.XPACK.Gen | 7.11.170.222 |
| avast! | Win32:Malware-gen | 2014.9-141022 |
| AVG | SHeur4 | 2015.0.3313 |
| Baidu Antivirus | Trojan.Win32.Kryptik | 4.0.3.141022 |
| Bitdefender | Gen:Variant.Kazy.434060 | 1.0.20.1475 |
| Bkav FE | W32.BoxerI.Trojan | 1.3.0.4959 |
| Dr.Web | Trojan.DownLoad.64914 | 9.0.1.0295 |
| Emsisoft Anti-Malware | Gen:Variant.Kazy.434060 | 8.14.10.22.04 |
| ESET NOD32 | Win32/Kryptik.CJDR (variant) | 8.10367 |
| Fortinet FortiGate | W32/Fareit.ARBW!tr.pws | 11/2/2014 |
| F-Secure | Gen:Variant.Kazy.434060 | 11.2014-22-10_4 |
| G Data | Gen:Variant.Kazy.434060 | 14.10.24 |
| IKARUS anti.virus | Trojan.Win32.Crypt | t3scan.1.7.5.0 |
| K7 AntiVirus | Riskware | 13.183.13139 |
| Kaspersky | HEUR:Trojan.Win32.Generic | 14.0.0.3062 |
| McAfee | RDN/Generic Dropper!vd | 5600.6969 |
| Microsoft Security Essentials | TrojanDropper:Win32/Cutwail | 1.10904 |
| MicroWorld eScan | Gen:Variant.Kazy.434060 | 15.0.0.885 |
| NANO AntiVirus | Trojan.Win32.DownLoad.demoju | 0.28.2.61942 |
| nProtect | Trojan.Generic.11615884 | 14.08.22.01 |
| Panda Antivirus | Trj/CI.A | 14.10.22.04 |
| Qihoo 360 Security | HEUR/Malware.QVM20.Gen | 1.0.0.1015 |
| Quick Heal | TrojanDropper.Cutwail.r4 | 10.14.14.00 |
| Reason Heuristics | Threat.Win.Reputation.IMP | 14.11.2.16 |
| Sophos | Mal/Generic-S | 4.98 |
| Trend Micro House Call | TROJ_GEN.R030C0DI414 | 7.2.295 |
| Trend Micro | TROJ_GEN.R030C0DI414 | 10.465.22 |
| VIPRE Antivirus | Trojan.Win32.Generic | 32444 |

File size:
57.3 KB (58,624 bytes)

Common path:
C:\users\{user}\appdata\local\temp\gxke540.tmp

File PE Metadata
Compilation timestamp:
9/4/2006 10:55:16 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
1536:pV7qdaNw/2eqm4PUQ2yXG3o0EX6QZaycrcE:HqdaNu2LmLQ2yXKoUt1cE

Entry address:
0x1600

Entry point:
33, C9, 51, E8, 9A, B7, 00, 00, 50, 8F, 05, 8D, E0, B2, 00, C7, 05, 91, E0, B2, 00, 30, 00, 00, 00, C7, 05, 95, E0, B2, 00, 03, 00, 00, 00, C7, 05, 99, E0, B2, 00, 06, CC, B2, 00, C7, 05, 9D, E0, B2, 00, 00, 00, 00, 00, C7, 05, A1, E0, B2, 00, 00, 00, 00, 00, FF, 35, 8D, E0, B2, 00, 8F, 05, A5, E0, B2, 00, C7, 05, B1, E0, B2, 00, 06, 00, 00, 00, C7, 05, B5, E0, B2, 00, 00, 00, 00, 00, C7, 05, B9, E0, B2, 00, 93, 1E, B2, 00, E9, 40, 02, 00, 00, C7, C7, C7, C7, C7, C7, C7, C7, C7, C7, C7, C7, C7, C7, C7, C7...
 

Entropy:
6.1357

Code size:
47.5 KB (48,640 bytes)
