tmpbdc3.exe

The executable tmpbdc3.exe has been detected as malware by 27 anti-virus scanners.
MD5:
0cabd88637737884e3d5d849a81273af

SHA-1:
48bd75378020c4045c6e4c2bccadf3eb85f0bfd3

SHA-256:
9a626be1b06ca8678c60fcbf65c117d8f35d5fbd627c4d5fff5a411c43426a19

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
4/23/2024 10:32:44 PM UTC

Scan engine                    Detection                     Engine version
Lavasoft Ad-Aware              Gen:Variant.Kazy.392600       856
Agnitum Outpost                Trojan.Kryptik                7.1.1
Avira AntiVirus                TR/Crypt.Xpack.64825          7.11.155.10
avast!                         Win32:Malware-gen             2014.9-141002
AVG                            Pakes_c                       2015.0.3334
Baidu Antivirus                Trojan.Win32.Agent            4.0.3.14102
Bitdefender                    Gen:Variant.Kazy.392600       1.0.20.1375
Dr.Web                         Trojan.Packed.27144           9.0.1.0275
Emsisoft Anti-Malware          Gen:Variant.Kazy.392600       8.14.10.02.04
ESET NOD32                     Win32/Kryptik.CDVV (variant)  8.9948
Fortinet FortiGate             W32/Generik.KBCHCTA!tr        10/2/2014
F-Secure                       Gen:Variant.Kazy.392600       11.2014-02-10_5
G Data                         Gen:Variant.Kazy.392600       14.10.24
IKARUS anti.virus              Trojan.Pakes                  t3scan.1.6.1.0
K7 AntiVirus                   Trojan                        13.1712403
Kaspersky                      Trojan.Win32.Agent            14.0.0.3164
Malwarebytes                   Trojan.Agent.ED               v2014.10.02.04
McAfee                         RDN/Generic.tfr!ea            5600.6990
Microsoft Security Essentials  Trojan:Win32/Dynamer!ac       1.10600
MicroWorld eScan               Gen:Variant.Kazy.392600       15.0.0.825
NANO AntiVirus                 Trojan.Win32.Xpack.daowbj     0.28.0.60253
Norman                         Suspicious_Gen4.GKZSD         11.20141002
Panda Antivirus                Trj/CI.A                      14.10.02.04
Qihoo 360 Security             Win32/Trojan.ce8              1.0.0.1015
Sophos                         Mal/Generic-S                 4.98
Trend Micro House Call         TROJ_GEN.R0CBB01FA14          7.2.275
VIPRE Antivirus                Trojan.Win32.Generic          30310

File size:
186 KB (190,464 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\ProgramData\application data\microsoft\crypto\rsa64\temp\tmpbdc3.exe

File PE Metadata
Compilation timestamp:
6/7/2014 9:43:03 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:pE9ENlr0Q+nQk+c6HhLgPoi1SPuVuXxxhsFNP6FY+zQ0bxPLC8dJ:l+Kc6HtO1SPuVwuFtWPl3d

Entry address:
0x1C3C0

Entry point:
B8, F4, 00, 00, 00, E8, CA, 9A, 00, 00, A1, 60, B4, 42, 00, 33, C4, 89, 84, 24, F0, 00, 00, 00, A1, C8, 05, 41, 00, 8B, 0D, CC, 05, 41, 00, 8B, 15, D0, 05, 41, 00, 89, 44, 24, 04, A1, D4, 05, 41, 00, 89, 4C, 24, 08, 8B, 0D, D8, 05, 41, 00, 89, 54, 24, 14, 66, 8B, 15, DC, 05, 41, 00, 89, 44, 24, 18, A0, DE, 05, 41, 00, 89, 4C, 24, 1C, 66, 89, 54, 24, 20, 88, 44, 24, 22, E8, FE, 7D, FF, FF, 0F, BE, 44, 24, 1E, 3D, 7E, 63, 1C, 54, 75, 14, 6A, 00, 68, E0, 05, 41, 00, 68, E8, 05, 41, 00, 6A, 00, FF, 15, F8, 60...

Code size:
148 KB (151,552 bytes)
