» tam.exe
Overview
Analysis
File Details

tam.exe

CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti

The application tam.exe by CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Sti has been detected as adware by 11 anti-malware scanners.

File name:

tam.exe

Publisher:

CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti (signed and verified)

MD5:

d94e3bd87303efe28ca0beac6fce6dd0

SHA-1:

f8e572cfaf1e2269de64135df2881abc8f76c414

Scanner detections:

11 / 68

Status:

Adware

Analysis date:

4/26/2024 5:23:44 AM UTC (today)

Scan engine

Detection

Engine version

Avira AntiVirus

TR/Kazy.74886

7.11.33.72

AVG

unknown virus Win32/DH

2016.0.3193

Comodo Security

UnclassifiedMalware

12656

Dr.Web

Trojan.StartPage.44843

9.0.1.0255

Emsisoft Anti-Malware

Gen:Variant.Zusy.52755

8.15.09.12.05

F-Secure

Gen:Variant.Zusy.52755

11.2015-12-09_7

Kaspersky

HEUR:Trojan.Win32.AntiAV

14.0.0.2458

McAfee

Artemis!D94E3BD87303

5600.6849

Reason Heuristics

PUP.CNTBilisimTeknolojisipazrekturltlhTicSti

15.2.20.11

Sophos

Mal/Generic-L

4.98

VIPRE Antivirus

Trojan.Win32.Generic

39124

File size:

1.5 MB (1,624,520 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Documents and Settings\{user}\Local settings\temp\{random}.tmp\tam.exe

Digital Signature

Signed by:

CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti

Authority:

COMODO CA Limited

Valid from:

2/2/2012 2:00:00 AM

Valid to:

2/2/2014 1:59:59 AM

Subject:

CN=CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti, OU=CNT Bilisim Teknolojisi Tic Ltd Sti, O=CNT Bilisim Teknolojisi pazrek tur lt lh Tic. Ltd. Sti, STREET=273/1 Sk. Mansuroglu Mah. Narlibahce Sit., STREET=No:6 B1 Blok Daire:2, STREET=Bayrakli, L=Caner Bayraktar, S=Izmir, PostalCode=35030, C=TR

Issuer:

CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:

2491AD8A2DE204BEAB2DC62493BE62FA

File PE Metadata

Compilation timestamp:

6/6/2012 1:11:10 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows Console

Linker version:

10.0

CTPH (ssdeep):

24576:I8u/q7fvghnCbpK+3iyf/FQsV9siT//yT/glVYGcagS3:IufvECb8eRVzb2/gl5

Entry address:

0xA0955

Entry point:

E9, 26, B8, 0E, 00, E9, 31, 46, 01, 00, E9, 2C, 43, 10, 00, E9, 67, 22, 0F, 00, E9, C2, BE, 13, 00, E9, 9D, 01, 11, 00, E9, B8, 72, 01, 00, E9, DB, C3, 13, 00, E9, 4E, DD, 12, 00, E9, 49, F6, 0C, 00, E9, E4, 71, 01, 00, E9, DF, 32, 0D, 00, E9, 6A, EF, 01, 00, E9, 95, 43, 01, 00, E9, C0, A5, 07, 00, E9, 3B, 88, 0F, 00, E9, 06, DB, 05, 00, E9, 71, B6, 12, 00, E9, 24, 2B, 0D, 00, E9, 37, 5F, 0E, 00, E9, B2, BD, 01, 00, E9, FD, E9, 01, 00, E9, 98, E9, 00, 00, E9, F3, 8F, 00, 00, E9, CE, DE, 12, 00, E9, D9, 5A... 
[+]

Developed / compiled with:

Microsoft Visual C++ 8.0 (Debug)

Code size:

1.3 MB (1,331,712 bytes)

Remove tam.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.