home

onsd8f2b.tmp

The file onsd8f2b.tmp has been detected as malware by 2 anti-virus scanners. The file has been seen being downloaded from d2fpsq9kg43yka.cloudfront.net.
MD5:
8e53423169b59acddbc880d59d8f3697

SHA-1:
24fa2af5a703bf790b844e67603a7d6935c10dea

SHA-256:
f6014d8e84bd20067cb0e4d9c250a9be928740358bb1e159f072fd306c107b5c

Scanner detections:
2 / 68

Status:
Malware

Analysis date:
4/29/2024 7:56:38 AM UTC  (today)

Scan engine
Detection
Engine version

Kaspersky
UDS:DangerousObject.Multi.Generic
14.0.0.2335

Reason Heuristics
Threat.Downloader.KY
16.2.29.19

File size:
510.5 KB (522,752 bytes)

Common path:
C:\users\{user}\appdata\local\a05c433f-1426523817-e211-a1f4-f672d0fa0ca5\onsd8f2b.tmp

File PE Metadata
Compilation timestamp:
3/16/2015 1:43:30 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:Tm6t88heaCV+/8gzQE8s5cibThPj+Z6LEegV2emqT0fTdU89FhQn2wnL5JdBdOLd:TugRzPceThP66gegEembVwZCa14jzJ

Entry address:
0xF719

Entry point:
E8, 91, 46, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 56, 57, 33, F6, FF, 75, 08, E8, ED, 28, 00, 00, 8B, F8, 59, 85, FF, 75, 27, 39, 05, 0C, 02, 42, 00, 76, 1F, 56, FF, 15, 1C, 90, 41, 00, 8D, 86, E8, 03, 00, 00, 3B, 05, 0C, 02, 42, 00, 76, 03, 83, C8, FF, 8B, F0, 83, F8, FF, 75, CA, 8B, C7, 5F, 5E, 5D, C3, 8B, FF, 55, 8B, EC, 56, 57, 33, F6, 6A, 00, FF, 75, 0C, FF, 75, 08, E8, CC, 46, 00, 00, 8B, F8, 83, C4, 0C, 85, FF, 75, 27, 39, 05, 0C, 02, 42, 00, 76, 1F, 56, FF, 15, 1C, 90, 41, 00, 8D, 86, E8...
 
[+]

Entropy:
5.2539

Code size:
95.5 KB (97,792 bytes)

The file onsd8f2b.tmp has been seen being distributed by the following URL.

http://d2fpsq9kg43yka.cloudfront.net/Update_Notifier.exe

Remove onsd8f2b.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.