d60d.tmp

unthriving

ThinPrint GmbH

The file d60d.tmp has been detected as malware by 25 anti-virus scanners.

Publisher:
Ankord Development Group (http://www.ankord.com/) (signed by ThinPrint GmbH)

Product:
unthriving

Description:
Noncoherent

Version:
0.6.8.6

MD5:
772f4b188f04e7ab35be7be4da542c08

SHA-1:
b2d77623d142947d3729d6a7af7a84b124ecca5f

SHA-256:
8d94907606cacc1bdc4b2841a6135c3d9c996e92774876ef924b9e1222c94157

Scanner detections:
25 / 68

Status:
Malware

Analysis date:
11/25/2024 2:39:02 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| AhnLab V3 Security | Backdoor/Win32.Shiz | 2011.10.26 |
| Avira AntiVirus | BDS/Simda.A.60 | 7.11.16.165 |
| avast! | Win32:Malware-gen | 2014.9-160701 |
| AVG | BackDoor.Generic14 | 2017.0.2696 |
| Bitdefender | Trojan.Generic.6703030 | 1.0.20.915 |
| Comodo Security | TrojWare.Win32.Trojan.Agent.Gen | 10566 |
| Dr.Web | Trojan.PWS.Ibank.332 | 9.0.1.0183 |
| Emsisoft Anti-Malware | Backdoor.Win32.Simda!IK | 8.16.07.01.07 |
| ESET NOD32 | Win32/Kryptik.TFR (variant) | 10.6577 |
| Fortinet FortiGate | W32/Shiz.VLJ!tr.bdr | 7/1/2016 |
| F-Secure | Trojan.Generic.6703030 | 11.2016-01-07_6 |
| G Data | Trojan.Generic.6703030 | 16.7.22 |
| IKARUS anti.virus | Backdoor.Win32.Simda | t3scan.1.1.107.0 |
| K7 AntiVirus | Backdoor | 13.116.5339 |
| Kaspersky | Backdoor.Win32.Shiz | 14.0.0.-27 |
| McAfee | Generic BackDoor!dq3 | 5600.6352 |
| Microsoft Security Essentials | Backdoor:Win32/Simda | 1.163.1557.0 |
| Norman | W32/Suspicious_Gen3.ACUSN | 11.20160701 |
| nProtect | Trojan/W32.Agent.264482 | 11.10.26.01 |
| Panda Antivirus | Suspicious file | 16.07.01.07 |
| Quick Heal | Backdoor.Shiz.vlj | 7.16.11.00 |
| Sophos | Mal/Generic-L | 4.70 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Falprod | 9048 |
| Vba32 AntiVirus | Backdoor.Shiz.vlj | 3.12.16.4 |
| VIPRE Antivirus | Trojan.Win32.Generic | 10883 |

File size:
258.3 KB (264,482 bytes)

Product version:
5.8.8.0

Copyright:
Boodleize

Common path:
C:\windows\temp\d60d.tmp

Digital Signature
Signed by:

Authority:
VeriSign, Inc.

Valid from:
8/8/2007 5:00:00 AM

Valid to:
8/24/2008 4:59:59 AM

Subject:
CN=ThinPrint GmbH, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=ThinPrint GmbH, L=Berlin, S=Berlin, C=DE

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
7665E42BFC94B4AD787167B4EA700284

File PE Metadata
Compilation timestamp:
10/25/2009 12:07:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:mDC0INoZFuGwPp8j3qB/ZS6sInxQg0AiKN4NYqA7pV:bCZFfj3iBEU8KN4NHA7z

Entry address:
0x58000

Entry point:
BE, 69, D7, 00, 00, 33, C0, 50, 68, 9F, D5, 22, 00, 5A, 81, C2, 45, 6E, 31, 00, 52, FF, 15, 44, C0, 45, 00, 68, CC, 05, 00, 00, 5D, 81, E5, 0C, 9A, 22, 47, B8, EB, 22, 00, 00, 33, C5, 01, 2D, B4, 4D, 54, 00, 8B, D8, BF, FC, 19, 00, 00, 33, FB, 89, 1D, 5D, 49, 54, 00, 8D, 84, B7, 81, 17, 00, 00, 40, 81, C0, D8, 0A, 00, 00, 01, 05, 35, 55, 54, 00, BB, 7C, 03, 00, 00, D1, CB, BF, CF, 1E, 00, 00, 09, FB, 01, 1D, DE, 45, 54, 00, E9, 1F, 12, 00, 00, B5, 19, 3C, 67, 2E, FD, 27, 19, 82, D1, C7, D9, E1, C9, 67, 46...
 

Code size:
13 KB (13,312 bytes)
