hhh9b64.tmp

The file hhh9b64.tmp has been detected as malware by 36 anti-virus scanners.
MD5:
168c71d2ecdb7f4aa9d0c689c8ec75ea

SHA-1:
7b7b22c9176d9db0d0e4b80a67765ba6e9f25e4f

SHA-256:
721af7f86035fc9bf2cc7d69009c693fdb1020ddca664b6b52bcf37cbebde6f4

Scanner detections:
36 / 68

Status:
Malware

Analysis date:
4/27/2024 2:21:35 AM UTC  (today)

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Zusy.89319 | 865
Agnitum Outpost | Trojan.Agentb | 7.1.1
AhnLab V3 Security | Spyware/Win32.Zbot | 14.09.22
Avira AntiVirus | TR/ATRAPS.Gen | 7.11.149.54
avast! | Win32:Kryptik-NRD [Trj] | 2014.9-140922
AVG | Crypt3 | 2015.0.3343
Baidu Antivirus | Trojan.Win32.Agent | 4.0.3.14922
Bitdefender | Gen:Variant.Zusy.89319 | 1.0.20.1325
Bkav FE | W32.DownloadWauchosS.Trojan | 1.3.0.4959
Comodo Security | UnclassifiedMalware | 18263
Dr.Web | BackDoor.Bulknet.1150 | 9.0.1.0265
Emsisoft Anti-Malware | Gen:Variant.Zusy.89319 | 8.14.09.22.12
ESET NOD32 | Win32/Kryptik.BZQQ (variant) | 8.9791
Fortinet FortiGate | W32/Agentb.APDJ!tr | 9/22/2014
F-Secure | Gen:Variant.Zusy.89319 | 11.2014-22-09_2
G Data | Gen:Variant.Zusy.89319 | 14.9.24
IKARUS anti.virus | Trojan-Downloader.Win32.Cutwail | t3scan.1.6.1.0
K7 AntiVirus | Trojan | 13.177.12041
Kaspersky | Trojan.Win32.Agentb | 14.0.0.3212
Malwarebytes | Trojan.Cryptor.XGen | v2014.09.22.12
McAfee | RDN/Downloader.a!pz | 5600.6999
Microsoft Security Essentials | TrojanDownloader:Win32/Cutwail.BS | 1.10502
MicroWorld eScan | Gen:Variant.Zusy.89319 | 15.0.0.795
NANO AntiVirus | Trojan.Win32.Agentb.cwxetu | 0.28.0.59826
Norman | Troj_Generic.TNHGN | 11.20140922
Panda Antivirus | Generic Malware | 14.09.22.12
Qihoo 360 Security | Win32/Trojan.30e | 1.0.0.1015
Quick Heal | Trojan.Agent.r6 | 9.14.14.00
Sophos | Mal/Generic-S | 4.98
SUPERAntiSpyware | Trojan.Agent/Gen-Zusy | 10344
Trend Micro House Call | TROJ_CUTWIL.SM1J | 7.2.265
Trend Micro | TROJ_GEN.R0CBC0DDE14 | 10.465.22
Vba32 AntiVirus | Trojan.Agentb | 3.12.26.0
VIPRE Antivirus | Trojan.Win32.Cutwail.ad | 29146
ViRobot | Trojan.Win32.Agent.62976.AH | 2011.4.7.4223
Zillya! Antivirus | Trojan.Agentb.Win32.3878 | 2.0.0.1786

File size:
61.5 KB (62,976 bytes)

Common path:
C:\users\{user}\appdata\local\temp\hhh9b64.tmp

File PE Metadata
Compilation timestamp:
4/11/2014 10:24:27 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
5.12

CTPH (ssdeep):
768:xs++3kdbXvTb61IUVMlweflyCCyleUZ2PcNp4pVESTb5vc/pZN:xs++STISlwckdhPc74pZTtv+R

Entry address:
0x1014

Entry point:
6A, 00, E8, 11, 02, 00, 00, A3, 30, 40, 40, 00, 6A, 00, 6A, 00, 68, 55, 40, 40, 00, 83, 04, 24, 07, B8, 38, 12, 40, 00, FF, D0, 50, 68, 76, 40, 40, 00, BF, 2C, 12, 40, 00, FF, D7, A3, 3C, 40, 40, 00, 68, 26, 06, 00, 00, 81, 2C, 24, 18, 06, 00, 00, 68, 97, 50, 40, 00, 81, 04, 24, 21, 00, 00, 00, FF, 35, 3C, 40, 40, 00, 8D, 3D, C7, 50, 40, 00, FF, D7, 5B, A3, 38, 40, 40, 00, FF, 35, FB, 40, 40, 00, 8F, 05, 38, 40, 40, 00, C7, 05, 34, 40, 40, 00, 20, 12, 40, 00, 8D, 3D, 04, 40, 40, 00, B9, 18, 00, 00, 00, 33...

Entropy:
6.3373

Packer / compiler:
TASM / MASM

Code size:
1024 Bytes (1,024 bytes)