tmpbbe9d3ae.exe

The executable tmpbbe9d3ae.exe has been detected as malware by 31 anti-virus scanners. According to the detections, it is a variant of Zbot (Zeus), a trojan that attempts to steal confidential information (online credentials and banking details) from a compromised computer and send it to online criminals via a command-and-control server.
MD5:
604c16abcc1001b6d78e240c41a9cbdb

SHA-1:
ef88080ea2890b4d01851569616fafde788c1893

SHA-256:
587878bacdd0686ebbe576f322161dae163ae59bc3a1bde80c6e29b5ee5a7d53

Scanner detections:
31 / 68

Status:
Malware

Analysis date:
5/1/2024 10:56:41 PM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| Lavasoft Ad-Aware | Trojan.Generic.7085238 | -40 |
| Agnitum Outpost | TrojanSpy.Zbot | 7.1.1 |
| AhnLab V3 Security | Worm/Win32.Ngrbot | 2014.03.12 |
| Avira AntiVirus | TR/Dropper.Gen | 7.11.136.70 |
| avast! | Win32:VBCrypt-GT [Trj] | 2014.9-170315 |
| AVG | PSW.Generic9 | 2018.0.2438 |
| Bitdefender | Trojan.Generic.7085238 | 1.0.20.370 |
| Bkav FE | W32.Cloda3e.Trojan | 1.3.0.4959 |
| Comodo Security | Worm.Win32.Agent.NIJ | 17913 |
| Emsisoft Anti-Malware | Trojan.Generic.7085238 | 8.17.03.15.10 |
| ESET NOD32 | Win32/Spy.Zbot.YW | 11.9527 |
| Fortinet FortiGate | W32/VBInjector.W!tr | 3/15/2017 |
| F-Secure | Trojan.Generic.7085238 | 11.2017-15-03_4 |
| G Data | Trojan.Generic.7085238 | 17.3.24 |
| IKARUS anti.virus | Trojan-Dropper.Win32.VB | t3scan.2.2.29 |
| K7 AntiVirus | Spyware | 13.176.11408 |
| Kaspersky | Worm.Win32.Ngrbot | 14.0.0.-1315 |
| McAfee | PWS-Zbot.gen.oz | 5600.6094 |
| Microsoft Security Essentials | PWS:Win32/Zbot | 1.10302 |
| MicroWorld eScan | Trojan.Generic.7085238 | 18.0.0.222 |
| NANO AntiVirus | Trojan.Win32.Offend.jijyf | 0.28.0.58101 |
| Norman | Troj_Generic.EGLQ | 11.20170315 |
| nProtect | Trojan/W32.Agent.213504.HX | 14.03.11.02 |
| Panda Antivirus | Generic Trojan | 17.03.15.10 |
| Qihoo 360 Security | Win32/Trojan.Generic.754 | 1.0.0.1015 |
| Quick Heal | TrojanSpy.Zbot.dbnj | 3.17.12.00 |
| Sophos | Troj/VB-FVY | 4.98 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Zbot | 8533 |
| Vba32 AntiVirus | Worm.Ngrbot | 3.12.24.3 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27280 |
| ViRobot | Trojan.Win32.A.Zbot.213504.N | 2011.4.7.4223 |

File size:
208.5 KB (213,504 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
6/21/2011 2:47:58 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1674

Entry point:
68, 20, 18, 40, 00, E8, EE, FF, FF, FF, 00, 00, 00, 00, 00, 00, 41, 68, 6F, 72, 72, 61, 64, 6F, 41, 68, 6F, 72, 72, 61, 64, 6F, 41, 68, 6F, 72, 72, 61, 64, 6F, 41, 68, 6F, 72, 72, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 41, 68, 6F, 72, 72, 61, 64, 6F, 41, 68, 6F, 72, 72, 61, 64, 00, 00, 00, 00, 00, 06, 00, 00, 00, E8, 34, 40, 00, 07, 00, 00, 00, 98, 32, 40, 00, 41, 68, 6F, 72, 72, 61, 64, 6F, 41, 68, 6F, 72, 72, 61, 64, 6F, 41, 68, 6F, 72, 72, 61, 64, 6F, 07, 00, 00, 00, 34, 31, 40, 00...
 

Code size:
56 KB (57,344 bytes)
