tmp5511.exe

The executable tmp5511.exe has been detected as malware by 21 anti-virus scanners.
MD5:
7f9468fb41beee81f492bd60b5a315ec

SHA-1:
489fc23b2700010857b212141e0d7b58a388080e

SHA-256:
88ab983b204c11e1341e3213bf921d3946d9f36c757501b8e63ca303fbf05195

Scanner detections:
21 / 68

Status:
Malware

Analysis date:
4/26/2024 4:21:05 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Gen:Variant.Kazy.394842 | 856 |
| Agnitum Outpost | Trojan.Agent | 7.1.1 |
| Avira AntiVirus | TR/Kazy.394842 | 7.11.157.186 |
| avast! | Win32:Crypt-RBG [Trj] | 2014.9-141002 |
| AVG | Crypt3 | 2015.0.3334 |
| Bitdefender | Gen:Variant.Kazy.394842 | 1.0.20.1375 |
| Dr.Web | Trojan.Siggen6.19539 | 9.0.1.0275 |
| ESET NOD32 | Win32/Kryptik.CEEI (variant) | 8.10021 |
| Fortinet FortiGate | W32/Agent.AGOWR!tr | 10/2/2014 |
| F-Secure | Gen:Variant.Kazy.394842 | 11.2014-02-10_5 |
| G Data | Gen:Variant.Kazy.394842 | 14.10.24 |
| Kaspersky | Trojan.Win32.Agent | 14.0.0.3164 |
| Malwarebytes | Trojan.Ransom.ED | v2014.10.02.04 |
| McAfee | GenericATG-FWG!7F9468FB41BE | 5600.6990 |
| MicroWorld eScan | Gen:Variant.Kazy.394842 | 15.0.0.825 |
| NANO AntiVirus | Trojan.Win32.XPACK.dazkps | 0.28.0.60475 |
| Panda Antivirus | Trj/Genetic.gen | 14.10.02.04 |
| Qihoo 360 Security | Win32/Trojan.cfb | 1.0.0.1015 |
| Trend Micro House Call | TROJ_GEN.R08NB01FS14 | 7.2.275 |
| Vba32 AntiVirus | Trojan.Agent.agoyq | 3.12.26.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 30814 |

File size:
162 KB (165,888 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\application data\microsoft\crypto\rsa64\temp\tmp5511.exe

File PE Metadata
Compilation timestamp:
6/12/2014 11:03:32 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

CTPH (ssdeep):
3072:N/0WKn/qvGP8bxsRmSoZ3Rc/uCIu8Sb1cOUJ7wqk/4M27/rBpjzVR:N/0WElP8bxsRVo1RKFb2OkwqRrB7R

Entry address:
0x93C6

Entry point:
B8, 50, 01, 00, 00, E8, 56, 8A, 00, 00, A1, 28, 19, 42, 00, 33, C4, 89, 84, 24, 4C, 01, 00, 00, F6, 05, 37, 40, 41, 00, 6F, A1, 28, 22, 41, 00, 8A, 0D, 82, 40, 41, 00, 6A, 66, 5A, 89, 44, 24, 14, A1, 2C, 22, 41, 00, 89, 54, 24, 04, C6, 44, 24, 03, 3C, 89, 44, 24, 18, 75, 53, 83, 3D, 20, 17, 42, 00, 00, 74, 09, 80, 3D, DD, 18, 42, 00, 00, 75, 41, 0F, BE, 05, 08, 16, 42, 00, 23, 05, 18, 19, 42, 00, 85, 05, 08, 19, 42, 00, 75, 2C, 83, 3D, 00, 40, 41, 00, 00, 74, 1A, A1, 08, 18, 42, 00, 85, 05, 80, 16, 42, 00...
 

Code size:
68 KB (69,632 bytes)

Remove tmp5511.exe - Powered by Reason Core Security