rad69ad6.tmp.com

Ghisler Software GmbH

The file rad69ad6.tmp.com, “Total Commander odministrator Tool” has been detected as a potentially unwanted program by 33 anti-malware scanners.
Publisher:
Ghisler Software GmbH

Description:
Total Commander odministrator Tool

Version:
1, 0, 0, 5

MD5:
4a9df60773e87a849cabca35a95193a3

SHA-1:
5ec770daaa7c781787e757ae7b34aeb03da0f758

Scanner detections:
33 / 68

Status:
Potentially unwanted

Analysis date:
4/27/2024 8:31:34 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.Ransom.Cerber.1 | -40 |
| AegisLab AV Signature | Troj.Downloader.W32.Lmn!c | 2.1.4+ |
| AhnLab V3 Security | Trojan/Win32.Cerber.R189294 | 3.8.1.16 |
| Avira AntiVirus | TR/Crypt.ZPACK.hxebz | 8.3.3.4 |
| Arcabit | Trojan.Ransom.Cerber.1 | 1.0.0.788 |
| avast! | Win32:Malware-gen | 2014.9-170315 |
| AVG | FileCryptor | 2018.0.2438 |
| Baidu Antivirus | Win32.Trojan.Kryptik | 4.0.3.17315 |
| Bitdefender | Trojan.Ransom.Cerber.1 | 1.0.20.370 |
| Bkav FE | W32.eHeur.Malware09 | 1.3.0.8455 |
| Dr.Web | Trojan.Encoder.4691 | 9.0.1.074 |
| Emsisoft Anti-Malware | Trojan.Ransom.Cerber | 8.17.03.15.11 |
| ESET NOD32 | Win32/Filecoder.Cerber | 11.14488 |
| Fortinet FortiGate | W32/Generic.AP.22E34!tr | 3/15/2017 |
| F-Prot | W32/S-18293dc9 | v6.4.7.1.166 |
| F-Secure | Trojan.Ransom.Cerber.1 | 11.2017-15-03_4 |
| G Data | Trojan.Ransom.Cerber | 17.3.25 |
| IKARUS anti.virus | Trojan.Win32.Filecoder | t3scan.2.1.16.0 |
| K7 AntiVirus | Riskware | 13.245.21590 |
| Kaspersky | not-a-virus:HEUR:Downloader.Win32.LMN | 14.0.0.-1315 |
| Malwarebytes | Ransom.Cerber | v2017.03.15.11 |
| McAfee | PUP-XAL-PQ!4A9DF60773E8 | 5600.6094 |
| Microsoft Security Essentials | Ransom:Win32/Cerber | 1.1.13303.0 |
| MicroWorld eScan | Trojan.Ransom.Cerber.1 | 18.0.0.222 |
| Panda Antivirus | Trj/Genetic.gen | 17.03.15.11 |
| Qihoo 360 Security | HEUR/QVM20.1.A2B1.Malware.Gen | 1.0.0.1120 |
| Quick Heal | Ransom.Cerber | 3.17.14.00 |
| Sophos | Mal/Cerber-K | 4.98 |
| Trend Micro House Call | Ransom_HPCERBER.SM31 | 7.2.74 |
| Trend Micro | Ransom_Cerber.R000C0DJP16 | 10.465.15 |
| VIPRE Antivirus | Trojan.Win32.Generic.pak!cobra | 53976 |
| ViRobot | Trojan.Win32.Z.Cerber.642687.EO[h] | 2014.3.20.0 |
| Zillya! Antivirus | Trojan.Filecoder.Win32.3379 | 2.0.0.3129 |

File size:
627.6 KB (642,687 bytes)

Common path:
C:\Documents and Settings\{user}\Local settings\temp\rad69ad6.tmp.com

File PE Metadata
Compilation timestamp:
10/22/2016 11:57:50 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

Entry address:
0x15A0

Entry point:
55, 8B, EC, B8, 78, 7F, 00, 00, E8, 43, 11, 00, 00, 57, C6, 45, AF, 9E, C7, 85, 3C, 82, FF, FF, 02, 00, 00, 00, EB, 0F, 8B, 85, 3C, 82, FF, FF, 83, C0, 0D, 89, 85, 3C, 82, FF, FF, 81, BD, 3C, 82, FF, FF, 7B, 7D, 00, 00, 73, 0D, 68, 4C, 20, 47, 00, FF, 15, 7C, E0, 44, 00, EB, D8, 8B, 8D, 2C, 82, FF, FF, C1, E9, DF, 89, 8D, 2C, 82, FF, FF, 8B, 95, 34, 82, FF, FF, 03, 95, 1C, 82, FF, FF, 89, 95, 30, 82, FF, FF, 8B, 85, 3C, 82, FF, FF, 50, 8B, 8D, 1C, 82, FF, FF, 51, FF, 15, 20, E0, 44, 00, 68, 64, 20, 47, 00...
 

Entropy:
5.9262

Developed / compiled with:
Microsoft Visual C++

Code size:
308 KB (315,392 bytes)
