» tmp0000000270ac4a1c050a2e12
Overview
Analysis
File Details

tmp0000000270ac4a1c050a2e12

svr.exe

合肥智明星通软件科技有限公司

The file tmp0000000270ac4a1c050a2e12 by 合肥智明星通软件科技有限公司 has been detected as a potentially unwanted program by 4 anti-malware scanners.

File name:

Publisher:

tsvr.com (signed by 合肥智明星通软件科技有限公司)

Product:

svr.exe

Description:

tsvr.com

Version:

3.0.0.22

MD5:

0b3e278e84d0a0e806dcc7f297008d0c

SHA-1:

ae206f1e36051ed78fdbe9bcf0ab03a70bb78a14

SHA-256:

c2cbf0abb99f8d01724088429d34c2bd25fcc5bb6e8f454e83640bc833bec320

Scanner detections:

4 / 68

Status:

Potentially unwanted

Analysis date:

6/27/2025 6:20:59 PM UTC (today)

Scan engine

Detection

Engine version

AVG

Adware Generic_r.BEX

2015.0.4604

Dr.Web

Adware.Mutabaha.1314

9.0.1.05190

ESET NOD32

Win32/ELEX.IN potentially unwanted application

8.0.319.0

Microsoft Security Essentials

Threat.Undefined

1.225.81.0

File size:

512 KB (524,288 bytes)

Product version:

3.0.0.22

Original file name:

TSvr.exe

Language:

Chinese

Common path:

C:\windows\temp\tmp0000000270ac4a1c050a2e12

Digital Signature

Signed by:

合肥智明星通软件科技有限公司

Authority:

GlobalSign nv-sa

Valid from:

5/19/2016 9:41:49 AM

Valid to:

8/5/2016 6:17:44 AM

Subject:

CN=合肥智明星通软件科技有限公司, O=合肥智明星通软件科技有限公司, L=合肥, S=安徽, C=CN

Issuer:

CN=GlobalSign CodeSigning CA - SHA256 - G2, O=GlobalSign nv-sa, C=BE

Serial number:

1121F16FF0116D0F7CAA5F06D836157BCA02

File PE Metadata

Compilation timestamp:

5/22/2016 11:24:28 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

12.0

CTPH (ssdeep):

12288:INOuj1gyzaK5YDEwLgrsi0ambRjox3PAWICtdSx:Ikyzdoi0amVjoVAWT/e

Entry address:

0x50ABC

Entry point:

E8, C3, 09, 00, 00, E9, 03, FE, FF, FF, FF, 25, F4, 43, 45, 00, FF, 25, F8, 43, 45, 00, FF, 25, FC, 43, 45, 00, FF, 25, 00, 44, 45, 00, FF, 25, 04, 44, 45, 00, FF, 25, 08, 44, 45, 00, FF, 25, 0C, 44, 45, 00, FF, 25, 10, 44, 45, 00, FF, 25, 14, 44, 45, 00, FF, 25, 18, 44, 45, 00, FF, 25, 1C, 44, 45, 00, FF, 25, 20, 44, 45, 00, CC, CC, FF, 25, 24, 44, 45, 00, FF, 25, 28, 44, 45, 00, FF, 25, 2C, 44, 45, 00, FF, 25, 30, 44, 45, 00, FF, 25, 34, 44, 45, 00, FF, 25, 38, 44, 45, 00, FF, 25, 3C, 44, 45, 00, CC, CC... 
[+]

Code size:

330 KB (337,920 bytes)

Remove tmp0000000270ac4a1c050a2e12 - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.