» _ifde77.tmp
Overview
Analysis
File Details

_ifde77.tmp

The file _ifde77.tmp, “R.O.S.E Online YouNeedServer Launcher” has been detected as malware by 17 anti-virus scanners.

File name:

_ifde77.tmp

Description:

R.O.S.E Online YouNeedServer Launcher

Version:

2016.12.01.0

MD5:

3257f8b4178e521cd5e3fd1238effefa

SHA-1:

5b7e4674cb908366df3ba5eaeaf72f3c2bb9cd62

SHA-256:

c7b1d25fa8a4ac82cba241af4171986be6c0fda1fa4ae1bff2decf0d181ac217

Scanner detections:

17 / 68

Status:

Malware

Analysis date:

4/1/2025 7:08:49 PM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Trojan.GenericKD.4013247

-40

Avira AntiVirus

TR/Agent.yavvg

8.3.3.4

Arcabit

Trojan.Generic.D3D3CBF

1.0.0.792

avast!

Win32:Malware-gen

2014.9-170315

Bitdefender

Trojan.GenericKD.4013247

1.0.20.370

Bkav FE

W32.HfsAtITPSINF

1.3.0.8455

Emsisoft Anti-Malware

Trojan.GenericKD.4013247

8.17.03.15.08

Fortinet FortiGate

W32/Generic!tr

3/15/2017

F-Secure

Trojan.GenericKD.4013247

11.2017-15-03_4

G Data

Trojan.GenericKD.4013247

17.3.25

Kaspersky

HEUR:Trojan.Win32.Generic

14.0.0.-1314

McAfee

Artemis!3257F8B4178E

5600.6094

MicroWorld eScan

Trojan.GenericKD.4013247

18.0.0.222

Qihoo 360 Security

HEUR/QVM11.1.0000.Malware.Gen

1.0.0.1120

Trend Micro House Call

TROJ_GEN.R070H07LP16

7.2.74

Vba32 AntiVirus

Trojan-Downloader.Autoit.gen

3.12.26.4

VIPRE Antivirus

Trojan.Win32.Generic

54910

File size:

371.2 KB (380,075 bytes)

Common path:

C:\users\{user}\appdata\local\virtualstore\Program Files\roseonline_yns\_ifde77.tmp

File PE Metadata

Compilation timestamp:

1/16/2010 1:09:54 AM

OS version:

5.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

9.0

Entry address:

0xAFED0

Entry point:

60, BE, 00, E0, 46, 00, 8D, BE, 00, 30, F9, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89... 
[+]

Entropy:

7.9351

Packer / compiler:

UPX 2.90LZMA

Code size:

268 KB (274,432 bytes)

Remove _ifde77.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.