tmp6.exe

Java Platform SE 7 U4

O racle Corporation

The executable tmp6.exe, “Java(TM) Platform SE binary” has been detected as malware by 18 anti-virus scanners.
Publisher:
O racle Corporation

Product:
Java(TM) Platform SE 7 U4

Description:
Java(TM) Platform SE binary

Version:
10.4.0.20

MD5:
1b509abedc25d0908a9034c7355409ce

SHA-1:
9a03ecd496c12a2e35643467ee6852ecc5edc6dc

SHA-256:
36afc414d36e98cfaaff2594d3062287ffd53708664f1a920beeff87e5489738

Scanner detections:
18 / 68

Status:
Malware

Analysis date:
4/26/2024 9:21:09 AM UTC

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Variant.Kazy.503310
5850519

Avira AntiVirus
TR/Crypt.ZPACK.Gen4
7.11.189.64

avast!
Win32:GenMalicious-AQL [Trj]
141119-1

AVG
Trojan horse Generic36.AKRS
2014.0.4189

Bitdefender
Gen:Variant.Kazy.503310
1.0.20.1660

Dr.Web
Trojan.Siggen6.23087
9.0.1.05190

Emsisoft Anti-Malware
Gen:Variant.Kazy.503310
9.0.0.4570

ESET NOD32
Win32/Boaxxe.BQ trojan
7.0.302.0

F-Secure
Gen:Variant.Kazy.503310
11.2014-28-11_6

G Data
Gen:Variant.Kazy.503310
14.11.24

Kaspersky
Backdoor.Win32.PMax
15.0.0.543

Malwarebytes
Trojan.Agent.ED
v2014.11.28.01

McAfee
Packed-APIXOR!1B509ABEDC25
5600.6933

Microsoft Security Essentials
Threat.Undefined
1.189.840.0

MicroWorld eScan
Gen:Variant.Kazy.503310
15.0.0.996

Norman
Heur.I
11.20141128

Panda Antivirus
Trj/CI.A
14.11.28.01

VIPRE Antivirus
Threat.4150696
35088

File size:
116 KB (118,784 bytes)

Product version:
7.0.40.20

Copyright:
Copyright © 2012

Original file name:
ssvagent.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\Documents and Settings\{user}\Application data\microsoft\secure\icons\temp\tmp6.exe

File PE Metadata
Compilation timestamp:
11/26/2014 2:30:55 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
7.0

CTPH (ssdeep):
1536:kT6GeW3tUthbFAODZUg444hEhhSVrY6yt/JQduvO:FGeWsbZL44BipqBQdyO

Entry address:
0x1000

Entry point:
55, 8B, EC, 83, EC, 0C, 57, C7, 45, FC, 00, 00, 00, 00, 68, 78, E0, 41, 00, FF, 15, 98, 71, 41, 00, 68, 01, 14, 00, 00, 6A, 00, FF, 15, CC, 71, 41, 00, 85, C0, 74, 02, CD, 05, 8B, C9, 8B, 4D, 08, 8B, C9, 89, 0D, 5C, E4, 41, 00, 89, 2D, 3C, E4, 41, 00, C7, 05, 20, E4, 41, 00, 1C, 00, 02, 00, E8, E2, 05, 00, 00, C7, 45, F4, 00, 00, 00, 00, 68, CC, E5, 41, 00, A1, 20, E4, 41, 00, 83, E8, 03, 50, 6A, 00, 8B, 0D, 0C, E0, 41, 00, 51, 8B, 15, 00, E0, 41, 00, 83, EA, 01, 52, FF, 15, 7C, E4, 41, 00, 89, 45, F8, 83...
 

Entropy:
5.4596

Developed / compiled with:
Microsoft Visual C++

Code size:
87 KB (89,088 bytes)
