home

s2cache.tmp

Skymonk Solutions Limited

The file s2cache.tmp by Skymonk Solutions Limited has been detected as adware by 1 anti-malware scanner with very strong indications that the file is a potential threat. It is also typically executed from the user's temporary directory.
Publisher:
Skymonk Solutions Limited  (signed and verified)

MD5:
ad35691648c196127a9c52eb3ff420e4

SHA-1:
fa494d28ff077cb612621caaf679d7922c89bba0

SHA-256:
cf6ca8ac567866c2c7152651fd5ea89cb16749960582d2c70e201e050a9a3eb3

Scanner detections:
1 / 68

Status:
Adware

Note:
Our current pool of anti-malware engines have not currently detected this file, however based on our own detection heuristics we feel that this file is unwanted.

Analysis date:
11/23/2024 9:02:14 PM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.1.14.12

File size:
725.3 KB (742,736 bytes)

Common path:
C:\users\{user}\appdata\local\temp\s2cache.tmp

Digital Signature
Signed by:
Skymonk Solutions Limited

Authority:
VeriSign, Inc.

Valid from:
4/9/2012 2:00:00 AM

Valid to:
4/10/2015 1:59:59 AM

Subject:
CN=Skymonk Solutions Limited, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Skymonk Solutions Limited, L=Tortola, S=Tortola, C=VG

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
632A5F301191DF03C4933D982BAD525F

File PE Metadata
Compilation timestamp:
2/24/2012 9:22:01 PM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x36DA

Entry point:
6E, 74, 65, 6E, 74, 2D, 54, 79, 70, 65, 3A, 20, 61, 70, 70, 6C, 69, 63, 61, 74, 69, 6F, 6E, 2F, 6F, 63, 74, 65, 74, 2D, 73, 74, 72, 65, 61, 6D, 0D, 0A, 43, 6F, 6E, 74, 65, 6E, 74, 2D, 4C, 65, 6E, 67, 74, 68, 3A, 20, 37, 34, 32, 37, 33, 36, 0D, 0A, 43, 6F, 6E, 6E, 65, 63, 74, 69, 6F, 6E, 3A, 20, 6B, 65, 65, 70, 2D, 61, 6C, 69, 76, 65, 0D, 0A, 4C, 61, 73, 74, 2D, 4D, 6F, 64, 69, 66, 69, 65, 64, 3A, 20, 54, 68, 75, 2C, 20, 31, 37, 20, 4A, 61, 6E, 20, 32, 30, 31, 33, 20, 31, 33, 3A, 30, 34, 3A, 34, 39, 20, 47...
 
[+]

Entropy:
7.9345  (probably packed)

Code size:
28 KB (28,672 bytes)

Remove s2cache.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.