8b2d.tmp

Wishapp

This is a component of the Bundlore download manager which bundles applications with offers for additional 3rd party software, mostly unwanted adware, and may be installed with minimal consent. The file 8b2d.tmp by Wishapp has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat.
Publisher:
Wishapp  (signed and verified)

MD5:
746743f22e2af3eb62fbc01a76142d14

SHA-1:
46e721802e2161226024d17b3e1994254a9e2296

SHA-256:
342f55ca4b2282363e49a09ce9c98b88b085ba686c962a1e051487582df42313

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
12/25/2024 12:27:24 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP.Bundlore (M)
17.3.15.19

File size:
361.9 KB (370,552 bytes)

Common path:
C:\users\{user}\downloads\8b2d.tmp

Digital Signature
Signed by:

Authority:
COMODO CA Limited

Valid from:
3/25/2014 5:00:00 PM

Valid to:
3/26/2015 4:59:59 PM

Subject:
CN=Wishapp, O=Wishapp, POBox=111111, STREET=Ehad Haam 21 St., L=Tel Aviv, S=Israel, PostalCode=6515103, C=IL

Issuer:
CN=COMODO Code Signing CA 2, O=COMODO CA Limited, L=Salford, S=Greater Manchester, C=GB

Serial number:
00CD0079B254DD9332C628B0FD0A953ED4

File PE Metadata
Compilation timestamp:
12/9/2014 12:37:13 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
12.0

Entry address:
0x3EE6

Entry point:
E8, F1, 45, 00, 00, E9, 00, 00, 00, 00, 6A, 14, 68, 00, 8E, 41, 00, E8, E4, 1E, 00, 00, E8, C2, 47, 00, 00, 0F, B7, F0, 6A, 02, E8, 84, 45, 00, 00, 59, B8, 4D, 5A, 00, 00, 66, 39, 05, 00, 00, 40, 00, 74, 04, 33, DB, EB, 33, A1, 3C, 00, 40, 00, 81, B8, 00, 00, 40, 00, 50, 45, 00, 00, 75, EB, B9, 0B, 01, 00, 00, 66, 39, 88, 18, 00, 40, 00, 75, DD, 33, DB, 83, B8, 74, 00, 40, 00, 0E, 76, 09, 39, 98, E8, 00, 40, 00, 0F, 95, C3, 89, 5D, E4, E8, 43, 3D, 00, 00, 85, C0, 75, 08, 6A, 1C, E8, DC, 00, 00, 00, 59, E8...
 
[+]

Entropy:
6.9551

Code size:
72 KB (73,728 bytes)

Remove 8b2d.tmp - Powered by Reason Core Security