temp1354601058.exe

The executable temp1354601058.exe has been detected as malware by 17 anti-virus scanners.
MD5:
a9fe1cc03e8ce5b8c81102a966e6e888

SHA-1:
f3b7aeca9965ef1f1ee356bcf39175ee891cd321

SHA-256:
dffa5400f1d319affb29ea1de022973b0f56adf3cd6ef767e41dc8d9ed9006eb

Scanner detections:
17 / 68

Status:
Malware

Analysis date:
4/24/2024 2:09:52 PM UTC

Scan engine             Detection                   Engine version
Lavasoft Ad-Aware       Trojan.GenericKD.2036865    775
avast!                  Win32:Malware-gen           2014.9-141221
Baidu Antivirus         Trojan.Win32.Kryptik        4.0.3.141221
Bitdefender             Trojan.GenericKD.2036865    1.0.20.1775
Bkav FE                 HW32.Packed                 1.3.0.6267
Emsisoft Anti-Malware   Trojan.GenericKD.2036865    8.14.12.21.11
ESET NOD32              Win32/Kryptik.CTIK trojan   8.7.0.302.0
F-Secure                Trojan.GenericKD.2036865    11.2014-21-12_1
G Data                  Trojan.GenericKD.2036865    14.12.24
Kaspersky               Trojan-PSW.Win32.Tepfer     14.0.0.2760
Malwarebytes            Trojan.Agent.ED             v2014.12.21.11
MicroWorld eScan        Trojan.GenericKD.2036865    15.0.0.1065
Norman                  Injector.HNNP               11.20141220
nProtect                Trojan.GenericKD.2036865    14.12.19.01
Panda Antivirus         Generic Suspicious          14.12.21.11
Qihoo 360 Security      Malware.QVM10.Gen           1.0.0.1015
Reason Heuristics       Threat.Win.Reputation.IMP   14.12.21.23

File size:
1.3 MB (1,393,664 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\temp1354601058.exe

File PE Metadata
Compilation timestamp:
12/16/2014 4:00:33 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:XeKT0pZDHQQ49zW5O6QGZBaFtJIAVLSkF4idhjL5MLGAOYFbBFw:NTIVh46O6rZBmGUL1dVOLx1tTw

Entry address:
0x167E5B8

Entry point:
E8, 11, 32, 00, 00, E9, 79, FE, FF, FF, 90, FF, 55, 8B, EC, 8B, 45, 08, 33, C9, 3B, 04, CD, 28, C1, A7, 01, 74, 13, 41, 83, F9, 2D, 72, F1, 8D, 48, ED, 83, F9, 11, 77, 0E, 6A, 0D, 58, 5D, C3, 8B, 04, CD, 2C, C1, A7, 01, 5D, C3, 05, 44, FF, FF, FF, 6A, 0E, 59, 3B, C8, 1B, C0, 23, C1, 83, C0, 08, 5D, C3, E8, 4E, 20, 00, 00, 85, C0, 75, 06, B8, 90, C2, A7, 01, C3, 83, C0, 08, C3, 8B, FF, 55, 8B, EC, 33, C0, 39, 45, 08, 6A, 00, 0F, 94, C0, 68, 00, 10, 00, 00, 50, FF, 15, 24, C0, A7, 01, A3, 8C, 5C, A8, 01, 85...
 

Entropy:
6.3603

Code size:
44 KB (45,056 bytes)
