snsecb10.tmp

The file snsecb10.tmp has been detected as malware by 12 anti-virus scanners. The file has been seen being downloaded from d10huri5h4o4a3.cloudfront.net.
MD5:
9e7fc14a674b9cb14b761249e5512f1a

SHA-1:
0e17c396e7f8367fc6366bb9f041add9b3cf8013

SHA-256:
1f9e0d5c94e51fb2b0821ba47d4f2dabc41a91cb5f08996a5c6667be7538b7be

Scanner detections:
12 / 68

Status:
Malware

Analysis date:
12/27/2024 3:53:22 AM UTC

Scan engine | Detection | Engine version
Lavasoft Ad-Aware | Gen:Variant.Graftor.177144 | 545
Avira AntiVirus | TR/Graftor.179200.2 | 7.11.213.12
Bitdefender | Gen:Variant.Graftor.177144 | 1.0.20.1100
Emsisoft Anti-Malware | Gen:Variant.Graftor.177144 | 8.15.08.08.05
F-Secure | Gen:Variant.Graftor.177144 | 11.2015-08-08_7
G Data | Gen:Variant.Graftor.177144 | 15.8.25
Kaspersky | UDS:DangerousObject.Multi.Generic | 14.0.0.1611
McAfee | Artemis!9E7FC14A674B | 5600.6679
MicroWorld eScan | Gen:Variant.Graftor.177144 | 16.0.0.660
Qihoo 360 Security | HEUR/QVM10.1.Malware.Gen | 1.0.0.1015
Reason Heuristics | Threat.Win.Reputation.IMP | 15.8.13.0
Trend Micro House Call | Suspicious_GEN.F47V0226 | 7.2.220

File size:
175 KB (179,200 bytes)

Common path:
C:\users\{user}\appdata\local\4c4c4544-1424921833-4610-804e-b3c04f505231\snsecb10.tmp

File PE Metadata
Compilation timestamp:
2/26/2015 3:18:22 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
3072:LeluciLpM6bqqGGllqhCvXI4zaEQQRWIgjDcJwRajiKLBgN5kIb5AZyUq5PDnyvl:LuPiLpM64CfI6aL+ruRVKLBUkI68UqIl

Entry address:
0xA522

Entry point:
E8, 32, 4C, 00, 00, E9, 89, FE, FF, FF, 8B, FF, 55, 8B, EC, 8B, 55, 08, 56, 57, 85, D2, 74, 07, 8B, 7D, 0C, 85, FF, 75, 13, E8, 06, 2A, 00, 00, 6A, 16, 5E, 89, 30, E8, 71, 29, 00, 00, 8B, C6, EB, 33, 8B, 45, 10, 85, C0, 75, 04, 88, 02, EB, E2, 8B, F2, 2B, F0, 8A, 08, 88, 0C, 06, 40, 84, C9, 74, 03, 4F, 75, F3, 85, FF, 75, 11, C6, 02, 00, E8, D0, 29, 00, 00, 6A, 22, 59, 89, 08, 8B, F1, EB, C6, 33, C0, 5F, 5E, 5D, C3, CC, CC, CC, CC, CC, 8B, 4C, 24, 04, F7, C1, 03, 00, 00, 00, 74, 24, 8A, 01, 83, C1, 01, 84...

Code size:
137.5 KB (140,800 bytes)

The file snsecb10.tmp has been seen being distributed by the following URL.
