ssleay32.tmp

WEBPIC DESENVOLVIMENTO DE SOFTWARE LTDA

The file ssleay32.tmp has been detected as malware by 25 anti-virus scanners. According to AVG, this software downloads additional adware offers during setup.
Publisher:

MD5:
0cc8cb739f28bd9cf086c6ecc9d4003c

SHA-1:
fb4e4790c3bd19d5e3e702f716ec1fe7094e99f3

SHA-256:
d26ce21d1495a4a398ea7dda47547d68d9ff4141433d15c4e5a84e65f21a0270

Scanner detections:
25 / 68

Status:
Malware

Analysis date:
4/24/2024 5:50:38 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Strictor.55255 | -22 |
| Agnitum Outpost | Trojan.PWS.Banker | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Agent | 2015.03.01 |
| Avira AntiVirus | TR/Banker.Banker.bpkz | 7.11.212.246 |
| avast! | Win32:Delf-TUK [Trj] | 2014.9-170226 |
| AVG | Downloader.Banload2 | 2018.0.2456 |
| Bitdefender | Gen:Variant.Strictor.55255 | 1.0.20.285 |
| Comodo Security | UnclassifiedMalware | 21250 |
| Emsisoft Anti-Malware | Gen:Variant.Strictor.55255 | 8.17.02.26.05 |
| ESET NOD32 | Win32/Spy.Banker.AAWG (variant) | 11.11249 |
| Fortinet FortiGate | W32/Banker.BPKZ!tr | 2/26/2017 |
| F-Secure | Gen:Variant.Strictor.55255 | 11.2017-26-02_1 |
| G Data | Gen:Variant.Strictor.55255 | 17.2.25 |
| IKARUS anti.virus | Trojan-Downloader.Banload2 | t3scan.1.8.6.0 |
| Kaspersky | Trojan-Banker.Win32.Banker | 14.0.0.-1226 |
| McAfee | GenericR-APR!0CC8CB739F28 | 5600.6112 |
| MicroWorld eScan | Gen:Variant.Strictor.55255 | 18.0.0.171 |
| NANO AntiVirus | Trojan.Win32.Banker.cwthmf | 0.30.0.296 |
| Norman | Troj_Generic.TVXAJ | 11.20170226 |
| Panda Antivirus | Trj/CI.A | 17.02.26.05 |
| Qihoo 360 Security | Win32/Trojan.929 | 1.0.0.1015 |
| Quick Heal | TrojanBanker.Banker.r9 | 2.17.14.00 |
| Sophos | Mal/Generic-S | 4.98 |
| Vba32 AntiVirus | TrojanBanker.Banker | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 38010 |

File size:
480.1 KB (491,616 bytes)

Common path:
C:\users\{user}\appdata\local\microsoft\windows\temporary internet files\content.ie5\{random}\ssleay32.tmp

Digital Signature
Authority:
COMODO CA Limited

Valid from:
3/5/2014 9:00:00 PM

Valid to:
3/6/2015 8:59:59 PM

Subject:
CN=WEBPIC DESENVOLVIMENTO DE SOFTWARE LTDA, O=WEBPIC DESENVOLVIMENTO DE SOFTWARE LTDA, STREET="RUA RUBIAO JUNIOR, 2386", STREET=PISO SUPERIOR, STREET=PARQUE INDUSTRIAL, L=SAO JOSE DO RIO PRETO, S=SAO PAULO, PostalCode=15025080, C=BR

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
0B0D17EC1449B4B2D38FCB0F20FBCD3A

File PE Metadata
Compilation timestamp:
4/2/2014 5:27:23 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x617B8

Entry point:
55, 8B, EC, 83, C4, EC, 33, C0, 89, 45, EC, B8, AC, 07, 46, 00, E8, 67, 55, FA, FF, 33, C0, 55, 68, 5B, 18, 46, 00, 64, FF, 30, 64, 89, 20, A1, 00, 6E, 46, 00, 8B, 00, E8, 89, 57, FF, FF, A1, 00, 6E, 46, 00, 8B, 00, C6, 40, 5B, 00, 8B, 0D, 88, 6E, 46, 00, A1, 00, 6E, 46, 00, 8B, 00, 8B, 15, DC, F7, 45, 00, E8, 7E, 57, FF, FF, A1, 88, 6E, 46, 00, 8B, 00, 80, B8, 60, 03, 00, 00, 00, 74, 1F, 6A, 00, 8D, 55, EC, A1, 00, 6E, 46, 00, 8B, 00, E8, 05, 60, FF, FF, 8B, 45, EC, E8, 71, 39, FA, FF, 50, E8, 4F, 58, FA...

Developed / compiled with:
Microsoft Visual C++

Code size:
385 KB (394,240 bytes)
