home

tmp0

Bastian Suter

Publisher:
Bastian Suter  (signed and verified)

MD5:
269aded7f1a5fda1f64af7d51d3c5840

SHA-1:
f23ddc9249c4bfd2be894e4d1bbb0922b8abbe78

SHA-256:
bc3bf6b142288ba5073dbb5492b528e02b94dd0f752e1016774a94a558da30cc

Scanner detections:
3 / 68

Status:
Clean  (3 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/24/2024 7:26:08 PM UTC  (today)

Scan engine
Detection
Engine version

McAfee
Generic Obfuscated.c
5600.6826

Trend Micro House Call
PAK_Generic.005
7.2.74

Trend Micro
PAK_Generic.005
10.465.15

File size:
97.5 KB (99,888 bytes)

Common path:
C:\users\{user}\appdata\local\temp\tmp0

Digital Signature
Signed by:
Bastian Suter

Authority:
DigiCert Inc

Valid from:
3/4/2014 4:00:00 PM

Valid to:
5/13/2015 5:00:00 AM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F01D40307832B7F6747D7AB752213DC

File PE Metadata
Compilation timestamp:
5/31/2014 9:57:01 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
1536:HD/Urwlp6B9MogxcKzdYERssMEkTOKVOSVQEMpSSiwThzez/rJgqRCndsfXpzFv:rgwlp6B9sr7sLx86MpSSJRMaOCU1

Entry address:
0x242B2

Entry point:
0F, 8F, 1F, 03, 00, 00, 68, 0F, B0, 46, 03, E9, 32, 2D, FF, FF, 0F, 84, FB, 8D, FF, FF, 81, FE, 66, 8B, 95, AC, 66, 0F, A3, ED, E9, AF, 4B, 00, 00, F9, 48, 89, 4C, 24, 08, 38, D4, 84, C4, F5, 48, 89, 54, 24, 10, 0F, BB, C2, 66, 0F, BB, EA, F5, 4C, 89, 44, 24, 18, 66, 0F, AC, D2, 01, 4C, 89, 4C, 24, 20, 0F, 94, C6, 0F, 96, C6, 66, 0F, BA, FA, 0A, 55, D2, E2, 66, 0F, BA, E2, 0C, 48, D3, CD, 48, 89, E5, D0, DE, 0F, AB, CA, 66, 0F, BC, D1, FE, CE, 50, 66, 0F, CA, 66, 81, EA, A6, 55, 51, D3, C2, 53, F9, 0F, BA...
 
[+]

Entropy:
7.5224

Code size:
27 KB (27,648 bytes)

Scan tmp0 - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.