home

49f3.tmp

SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME

Publisher:
SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME  (signed and verified)

MD5:
c956b96436664c8a649513b906fc4140

SHA-1:
ba8b90915205d700ff6cbcad72415a5c530b78ee

SHA-256:
b46aef785ea80909061445250b72e48c2db6fc56365b5c519763750fb94667ed

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/27/2024 2:59:37 AM UTC  (today)

Scan engine
Detection
Engine version

AegisLab AV Signature
Troj.W32.Vilsel
2.1.4+

F-Prot
W32/NewMalware-LSU-based!Maximu
4.6.5.141

Qihoo 360 Security
HEUR/QVM20.1.Malware.Gen
1.0.0.1120

File size:
21.9 KB (22,384 bytes)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\49f3.tmp

Digital Signature
Signed by:
SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME

Authority:
GlobalSign nv-sa

Valid from:
10/19/2015 3:59:00 PM

Valid to:
10/19/2016 3:59:00 PM

Subject:
CN=SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME, OU=TI, O=SOFTWARE SOLUTION TECNOLOGIA DA INFORMACAO LTDA - ME, L=SAO BERNARDO DO CAMPO, S=SAO PAULO, C=BR

Issuer:
CN=GlobalSign CodeSigning CA - G2, O=GlobalSign nv-sa, C=BE

Serial number:
1121AA0F08A8D60878BA42D485354A250087

File PE Metadata
Compilation timestamp:
11/17/2015 10:38:23 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
384:2S7+mPOuaCOWOGx1lF3L5gr2QWk5DW+OK0IKJ7rr5:2S7RtdfvF362QHhWnIQb

Entry address:
0x14E0

Entry point:
83, EC, 0C, C7, 05, 58, 66, 40, 00, 00, 00, 00, 00, E8, DE, 08, 00, 00, 83, C4, 0C, E9, 86, FC, FF, FF, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, A1, 2C, 40, 40, 00, 85, C0, 74, 3C, C7, 04, 24, 00, 50, 40, 00, FF, 15, 4C, 72, 40, 00, 83, EC, 04, 85, C0, BA, 00, 00, 00, 00, 74, 16, C7, 44, 24, 04, 0E, 50, 40, 00, 89, 04, 24, FF, 15, 50, 72, 40, 00, 83, EC, 08, 89, C2, 85, D2, 74, 09, C7, 04, 24, 2C, 40, 40, 00, FF, D2, C7, 04, 24, 60, 15, 40, 00, E8, 99, 07, 00, 00, C9, C3, 8D, B4, 26, 00, 00, 00, 00...
 
[+]

Code size:
8.5 KB (8,704 bytes)

Scan 49f3.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.