» tlremask3.exe
Overview
Analysis
File Details

tlremask3.exe

The executable tlremask3.exe has been detected as malware by 27 anti-virus scanners.

File name:

tlremask3.exe

MD5:

4019e8ef5b4c24694d0b0e38e1c1d648

SHA-1:

dc88b95496acdbb991b95501cf644c13fa70b8c6

SHA-256:

42ee270ee40f55ce57e47c45240d1db0a776be8b56f439149be9cd17c800f4d9

Scanner detections:

27 / 68

Status:

File is infected by a Virus

Explanation:

The file is infected by a polymorphic file infector virus.

Analysis date:

4/26/2024 10:23:18 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Win32.Virtob.Gen.12

5646091

Avira AntiVirus

W32/Virut.Gen

3.6.1.96

avast!

Win32:Vitro

150319-1

AVG

Win32/Virut

2014.0.4311

Bkav FE

W32.Vetor.PE

1.3.0.6379

Dr.Web

Win32.Virut.56

9.0.1.05190

Emsisoft Anti-Malware

Win32.Virtob.Gen.12

9.0.0.4799

ESET NOD32

Win32/Virut.NBP

9.11493

F-Prot

W32/Virut.AL!Generic

4.6.5.141

F-Secure

Win32.Virtob.Gen.12

5.13.68

G Data

Win32.Virtob.Gen.12

15.4.25

IKARUS anti.virus

Virus.Win32.Virut

t3scan.1.8.9.0

K7 AntiVirus

Virus

13.202.15637

Kaspersky

Virus.Win32.Virut

15.0.0.543

McAfee

Virus.W32/Virut.n.gen

16.8.708.2

Microsoft Security Essentials

Virus:Win32/Virut.BN

1.195.3225.0

MicroWorld eScan

Win32.Virtob.Gen.12

16.0.0.324

Norman

Win32.Virtob.Gen.12

03.12.2014 13:20:04

Quick Heal

W32.Virut.G

4.15.14.00

Rising Antivirus

PE:Win32.Virut.ec!1608462

23.00.65.15416

Sophos

Virus 'W32/Scribble-B'

5.13

Total Defense

Win32/Virut.17408

37.0.11555

Trend Micro House Call

PE_VIRUX.R

7.2.108

Trend Micro

PE_VIRUX.R

10.465.18

Vba32 AntiVirus

Virus.Virut.14

3.12.26.3

VIPRE Antivirus

Threat.4737366

38882

Zillya! Antivirus

Virus.Virut.Win32.1938

2.0.0.2142

File size:

553 KB (566,272 bytes)

File type:

Executable application (Win32 EXE)

Common path:

C:\Program Files\common files\topaz labs\tlremask3.exe

File PE Metadata

Compilation timestamp:

10/18/2008 10:08:18 PM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

CTPH (ssdeep):

6144:EeIhE+3Jxq6PBnnABKpirr644qly1h68W9DGBzwiF0khWxy0e5URiwNtAYaDmCVA:EeIhE+S+ABMKy1hANDkhQnzPzX

Entry address:

0x85B9D

Entry point:

83, 3C, 24, FE, 77, FE, 8D, 64, 24, CC, 60, 83, EC, DC, E8, 1C, FF, FF, FF, 4B, 66, 4B, 75, FC, F8, 10, D4, 9B, FF, 73, 3C, 59, 81, E9, FD, FF, FF, 7F, 0F, 83, E7, FF, FF, FF, 81, D9, E6, 13, 00, 00, 71, DF, B6, 69, 28, E4, FF, B4, 19, E4, 13, 00, 80, 83, C4, 04, 66, 81, 44, 24, FC, B0, BA, 75, C8, 8A, C9, 24, FF, 68, FB, 47, 00, 04, E8, F0, FE, FF, FF, 89, 74, 24, 44, E9, 95, 66, 00, 00, 54, FF, D7, FF, 54, 24, 50, FE, 0C, 24, 0F, 85, 4B, FF, FF, FF, 58, 6A, 01, E8, 0D, FF, FF, FF, C7, 46, 14, 0C, 00, 00... 
[+]

Entropy:

7.3106

Code size:

156 KB (159,744 bytes)

Remove tlremask3.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.