» tmpb388.tmp.exe
Overview
Analysis
File Details

tmpb388.tmp.exe

S2SUpdater

The application tmpb388.tmp.exe has been detected as a potentially unwanted program by 18 anti-malware scanners.

File name:

tmpb388.tmp.exe

Product:

S2SUpdater

Version:

1.0.0.0

MD5:

3e7580ba1676249a2dc802569226fa18

SHA-1:

57507ceacb1dbbe277ae81f09af178a482aa86a6

SHA-256:

15b966572a0ccc38c17309ad7093ac13dbb7cb57b1ed50202bdafa201e92617e

Scanner detections:

18 / 68

Status:

Potentially unwanted

Analysis date:

4/25/2024 1:26:39 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Application.Kazy.132988

922

Avira AntiVirus

TR/Dropper.MSIL.Gen

7.11.145.108

avast!

Win32:Malware-gen

2014.9-140727

AVG

MSIL2

2015.0.3400

Baidu Antivirus

Trojan.MSIL.GigaClicks

4.0.3.14727

Bitdefender

Gen:Variant.Application.Kazy.132988

1.0.20.1040

ESET NOD32

MSIL/GigaClicks (variant)

8.9728

Fortinet FortiGate

Adware/GigaClicks

7/27/2014

F-Secure

Gen:Variant.Application.Kazy

11.2014-27-07_1

G Data

Gen:Variant.Application.Kazy.132988

14.7.24

IKARUS anti.virus

Win32.SuspectCrc

t3scan.1.6.1.0

K7 AntiVirus

Trojan

13.176.11896

McAfee

Artemis!3E7580BA1676

5600.7056

MicroWorld eScan

Gen:Variant.Application.Kazy.132988

15.0.0.624

Qihoo 360 Security

Win32/Application.6db

1.0.0.1015

Sophos

Generic PUA FH

4.98

Trend Micro House Call

TROJ_GEN.R0CBB01DM14

7.2.208

VIPRE Antivirus

Trojan.Win32.Generic

28622

File size:

14.5 KB (14,848 bytes)

Product version:

1.0.0.0

Original file name:

S2SUpdater.exe

File type:

Executable application (Win32 EXE)

Language:

Language Neutral

Common path:

C:\users\{user}\appdata\local\temp\tmpb388.tmp.exe

File PE Metadata

Compilation timestamp:

4/6/2014 12:48:10 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

8.0

.NET CLR dependent:

Yes

CTPH (ssdeep):

384:skCRDijzivU2a7ut6DhH3g1MTc4RvEudDXPM7:skCF+7Q61QbQEozP+

Entry address:

0x4FDE

Entry point:

FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 02, 00, 10, 00, 00, 00, 20, 00, 00, 80, 18, 00, 00, 00, 38, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 50, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 01, 00, 01, 00, 00, 00, 68, 00, 00, 80, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00... 
[+]

Entropy:

5.1149

Developed / compiled with:

Microsoft Visual C# / Basic .NET

Code size:

12 KB (12,288 bytes)

Remove tmpb388.tmp.exe - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.