onshfc1d.tmp

The file onshfc1d.tmp has been detected as a potentially unwanted program by 10 anti-malware scanners.
MD5:
95dba2d8a8f6be7e448d7a989bcf55a8

SHA-1:
7390b667ddb8d3c9863f7d6d9b1b0c549a1fccbf

SHA-256:
f9b1b2f93fb4d85c8f2d286523c3a7c5137a32c40f2701c410297a8df7d880aa

Scanner detections:
10 / 68

Status:
Potentially unwanted

Analysis date:
4/26/2024 8:46:34 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Graftor.177185 | 6586311 |
| Baidu Antivirus | Adware.Win32.ConvertAd | 4.0.3.15227 |
| Bitdefender | Gen:Variant.Adware.ConvertAd.2 | 1.0.20.290 |
| Emsisoft Anti-Malware | Gen:Variant.Graftor.177185 | 9.0.0.4799 |
| ESET NOD32 | Win32/Adware.ConvertAd.BD application | 7.0.302.0 |
| F-Secure | Gen:Variant.Adware.ConvertAd.2 | 5.13.68 |
| G Data | Gen:Variant.Adware.ConvertAd | 15.2.25 |
| Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.2421 |
| MicroWorld eScan | Gen:Variant.Adware.ConvertAd.2 | 16.0.0.174 |
| Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015 |

File size:
605 KB (619,520 bytes)

Common path:
C:\users\{user}\appdata\local\4c4c4544-1424806698-3710-8050-b4c04f335331\onshfc1d.tmp

File PE Metadata
Compilation timestamp:
2/24/2015 6:22:43 PM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
6144:eEQB4uaac50qTMXZYB+DdPqjJbhbw1rRwZCa14jzJsp8:HBa40qoXZYIDdPmNAaRajtsi

Entry address:
0x1217C

Entry point:
E8, C0, 7F, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 83, 3D, 54, 80, 43, 00, 00, 75, 18, E8, 78, 76, 00, 00, 6A, 1E, E8, C2, 74, 00, 00, 68, FF, 00, 00, 00, E8, A4, F8, FF, FF, 59, 59, 8B, 45, 08, 85, C0, 75, 01, 40, 50, 6A, 00, FF, 35, 54, 80, 43, 00, FF, 15, A4, F0, 42, 00, 5D, C3, 8B, FF, 55, 8B, EC, 53, 8B, 5D, 08, 83, FB, E0, 77, 6F, 56, 57, 83, 3D, 54, 80, 43, 00, 00, 75, 18, E8, 2E, 76, 00, 00, 6A, 1E, E8, 78, 74, 00, 00, 68, FF, 00, 00, 00, E8, 5A, F8, FF, FF, 59, 59, 85, DB, 74, 04, 8B, C3...
 

Entropy:
5.6770

Code size:
182 KB (186,368 bytes)
