vbuqauvt.tmp

{6B163E3A-B8CC-4B9B-BCDD-139987D0B62D}

The file vbuqauvt.tmp has been detected as malware by 27 anti-virus scanners.
Publisher:

MD5:
9eff3c99ec17ec71ed4ce92d03631fb9

SHA-1:
376b0c54cb4da52cdabc9f1549f5f01066c54630

SHA-256:
aa71b6cbbb48c94cb766440ca767780c6e575a280f43295f66afbf2a4c147322

Scanner detections:
27 / 68

Status:
Malware

Analysis date:
4/19/2024 8:13:01 AM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.1448864 | 274 |
| Agnitum Outpost | Trojan.Injector | 7.1.1 |
| AhnLab V3 Security | Trojan/Win32.Limitail | 16.05.06 |
| Avira AntiVirus | TR/Dropper.MSIL.Gen | 7.11.136.240 |
| avast! | MSIL:Injector-GL [Trj] | 2014.9-160506 |
| AVG | BackDoor.Generic18 | 2017.0.2752 |
| Baidu Antivirus | Backdoor.Win32.DarkKomet | 4.0.3.1656 |
| Bitdefender | Trojan.GenericKD.1448864 | 1.0.20.635 |
| Bkav FE | W32.Clod0a1.Trojan | 1.3.0.4959 |
| Comodo Security | UnclassifiedMalware | 17927 |
| Emsisoft Anti-Malware | Trojan.GenericKD.1448864 | 8.16.05.06.01 |
| ESET NOD32 | MSIL/Injector.CIM (variant) | 10.9542 |
| Fortinet FortiGate | W32/DarkKomet.BQKI!tr.bdr | 5/6/2016 |
| F-Secure | Trojan.GenericKD.1448864 | 11.2016-06-05_6 |
| G Data | Trojan.GenericKD.1448864 | 16.5.24 |
| IKARUS anti.virus | Trojan-Dropper.Win32.Dapato | t3scan.2.2.29 |
| K7 AntiVirus | Trojan | 13.176.11451 |
| Kaspersky | Backdoor.Win32.DarkKomet | 14.0.0.255 |
| Malwarebytes | Trojan.MSIL | v2016.05.06.01 |
| McAfee | Artemis!9EFF3C99EC17 | 5600.6408 |
| MicroWorld eScan | Trojan.GenericKD.1448864 | 17.0.0.381 |
| nProtect | Trojan.GenericKD.1448864 | 14.03.14.01 |
| Panda Antivirus | Generic Malware | 16.05.06.01 |
| Sophos | Mal/Cleaman-B | 4.98 |
| Trend Micro House Call | TROJ_GEN.R047C0RLJ13 | 7.2.127 |
| Trend Micro | TROJ_GEN.R047C0RLJ13 | 10.465.06 |
| VIPRE Antivirus | Trojan.Win32.Generic | 27366 |

File size:
1 MB (1,057,856 bytes)

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\vbuqauvt.tmp

Digital Signature
Authority:
{6B163E3A-B8CC-4B9B-BCDD-139987D0B62D}

Valid from:
12/6/2013 10:17:21 PM

Valid to:
12/7/2014 4:17:21 AM

Subject:
CN={6B163E3A-B8CC-4B9B-BCDD-139987D0B62D}

Issuer:
CN={6B163E3A-B8CC-4B9B-BCDD-139987D0B62D}

Serial number:
4061477664A360BC46AE5F2F20060943

File PE Metadata
Compilation timestamp:
12/9/2013 10:00:31 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
12288:NcH8551kV7k4A6kHf95cTlWCZdrp4lTeag2oiNqGewiEtLIw5UFWM6nkgWUFLBev:NbQm6W54/WENKn2FQkx6ZGFqpqCJg3

Entry address:
0x102EDE

Entry point:
FF, 25, 00, 20, 40, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
1 MB (1,052,672 bytes)

Remove vbuqauvt.tmp - Powered by Reason Core Security