tmpb28f.exe

Psi, Portable Edition

PortableApps.com

The executable tmpb28f.exe, “PortableApps.com Launcher”, has been detected as malware by 10 anti-virus scanners.
Publisher:
PortableApps.com

Product:
Psi, Portable Edition

Description:
PortableApps.com Launcher

Version:
1.9.90.2

MD5:
51282905e12cf051bbb10ee485b8e263

SHA-1:
dc7f79d1962430ec9f261627649f1a04042d70a4

SHA-256:
226353b89a8652cab68ec481adb8f9fb1a5ac8ea0230a932979c5eccc892197b

Scanner detections:
10 / 68

Status:
Malware

Analysis date:
4/25/2024 6:49:44 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | Trojan/Win32.Necurs | 2014.10.02 |
| avast! | Win32:Trojan-gen | 140929-0 |
| AVG | Trojan horse Inject2.AYEA | 2014.0.4025 |
| Bitdefender | Gen:Variant.Graftor.158167 | 1.0.20.1375 |
| Dr.Web | Trojan.Asterope.4 | 9.0.1.05190 |
| ESET NOD32 | Win32/Injector.BMSA (variant) | 8.10498 |
| G Data | Win32.Trojan-Dropper.Injector.BL | 14.10.24 |
| Malwarebytes | Trojan.Ransom.ED | v2014.10.02.04 |
| MicroWorld eScan | Gen:Variant.Graftor.158167 | 15.0.0.825 |
| Sophos | Troj/Wonton-IJ | 4.98 |

File size:
356.9 KB (365,446 bytes)

Product version:
1.9.90.2

Copyright:
PortableApps.com

Trademarks:
PortableApps.com is a Trademark of Rare Ideas, LLC.

Original file name:
PsiPortable.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\ProgramData\application data\microsoft\crypto\rsa64\temp\tmpb28f.exe

File PE Metadata
Compilation timestamp:
10/1/2014 11:30:09 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
6144:X+5173D8KNNNNNvNNNNNNNNRNNNNNNNNNNNvNNNNNvNNNNNNNN5NNNNNNNNNNNvd:X+n7D3NNNNNvNNNNNNNNRNNNNNNNNNNR

Entry address:
0x68AB

Entry point:
E8, D3, 47, 00, 00, E9, 89, FE, FF, FF, 2D, A4, 03, 00, 00, 74, 22, 83, E8, 04, 74, 17, 83, E8, 0D, 74, 0C, 48, 74, 03, 33, C0, C3, B8, 04, 04, 00, 00, C3, B8, 12, 04, 00, 00, C3, B8, 04, 08, 00, 00, C3, B8, 11, 04, 00, 00, C3, 8B, FF, 56, 57, 8B, F0, 68, 01, 01, 00, 00, 33, FF, 8D, 46, 1C, 57, 50, E8, 25, 48, 00, 00, 33, C0, 0F, B7, C8, 8B, C1, 89, 7E, 04, 89, 7E, 08, 89, 7E, 0C, C1, E1, 10, 0B, C1, 8D, 7E, 10, AB, AB, AB, B9, A8, 6D, 41, 00, 83, C4, 0C, 8D, 46, 1C, 2B, CE, BF, 01, 01, 00, 00, 8A, 14, 01...
 

Code size:
66 KB (67,584 bytes)
