gxmc39.tmp

The file gxmc39.tmp has been detected as malware by 16 anti-virus scanners.
MD5:
f4b73a9ec710e8ce924f45429cddc50c

SHA-1:
322928fdb021f377323e12e2bbb7485f18ee5031

SHA-256:
2a03379eaaea9287372b6f3fa686580a6b05d50d6f921aa366eedb1e0878bb0a

Scanner detections:
16 / 68

Status:
Malware

Analysis date:
4/26/2024 10:32:04 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Gen:Variant.Zusy.109333 | 835 |
| Agnitum Outpost | Trojan.Wigon | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Zbot | 2014.10.08 |
| Avira AntiVirus | TR/Crypt.Xpack.97540 | 7.11.177.52 |
| avast! | Win32:Dropper-gen [Drp] | 2014.9-141022 |
| AVG | Generic36 | 2015.0.3313 |
| Bitdefender | Gen:Variant.Zusy.109333 | 1.0.20.1475 |
| Emsisoft Anti-Malware | Gen:Variant.Zusy.109333 | 8.14.10.22.04 |
| ESET NOD32 | Win32/Wigon.PH | 8.10529 |
| Fortinet FortiGate | W32/Cutwail.ERN!tr | 10/22/2014 |
| F-Secure | Gen:Variant.Zusy.109333 | 11.2014-22-10_4 |
| G Data | Gen:Variant.Zusy.109333 | 14.10.24 |
| Kaspersky | Trojan.Win32.Cutwail | 14.0.0.3061 |
| McAfee | Artemis!F4B73A9EC710 | 5600.6969 |
| MicroWorld eScan | Gen:Variant.Zusy.109333 | 15.0.0.885 |
| Rising Antivirus | PE:Trojan.Win32.Generic.176126F8!392242936 | 23.00.65.141020 |

File size:
124 KB (126,976 bytes)

Language:
Polish (Poland)

Common path:
C:\users\{user}\appdata\local\temp\gxmc39.tmp

File PE Metadata
Compilation timestamp:
10/2/2014 8:41:32 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:UeU4GMXh/r67Byb2iLJrSVXq3/Zlhh4j2IVeotWKL/eyr3JPbVSJK3EkQTGbercO:UV4ZrFg5045x

Entry address:
0xEB63

Entry point:
E8, D3, 9D, FF, FF, E9, D8, 5A, 00, 00, 8B, 44, 24, 04, A3, D8, C6, 41, 00, C3, 56, 8B, 74, 24, 08, 33, C0, EB, 0F, 85, C0, 75, 11, 8B, 0E, 85, C9, 74, 02, FF, D1, 83, C6, 04, 3B, 74, 24, 0C, 72, EB, 5E, C3, 55, 8B, EC, 83, EC, 10, FF, 75, 08, 8D, 4D, F0, E8, 52, 83, FF, FF, FF, 75, 24, 8D, 4D, F0, FF, 75, 20, FF, 75, 1C, FF, 75, 18, FF, 75, 14, FF, 75, 10, FF, 75, 0C, E8, E7, 7C, 00, 00, 83, C4, 1C, 80, 7D, FC, 00, 74, 07, 8B, 4D, F8, 83, 61, 70, FD, C9, C3, 6A, 10, 68, B0, B9, 41, 00, E8, 55, 60, 00, 00...

Entropy:
6.1879

Code size:
92 KB (94,208 bytes)
