szn9ddf.tmp.exe

Seznam.cz, a.s.

The application szn9ddf.tmp.exe by Seznam.cz, a.s has been detected as a potentially unwanted program by 16 anti-malware scanners.
Publisher:
Seznam.cz, a.s.  (signed and verified)

MD5:
583182b77ddb5edeef9f07ebd4cb0683

SHA-1:
7ce2e89f8404d2811c53f6fdad898dc658aa8638

SHA-256:
de18f160d4326f01fcf7ab2d9d10dd20fc0f6aee8668536a779ce7fbe089467f

Scanner detections:
16 / 68

Status:
Potentially unwanted

Analysis date:
11/26/2024 10:20:09 PM UTC  (today)

Scan engine
Detection
Engine version

Lavasoft Ad-Aware
Gen:Application.Heur.mmHfkmjPu3mO
763

AVG
HackTool
2016.0.3241

Bitdefender
Gen:Application.Heur.mmHfkmjPu3mO
1.0.20.15

Dr.Web
Tool.PassView.849
9.0.1.03

ESET NOD32
Win32/PSWTool.WebBrowserPassView (variant)
9.10904

F-Secure
Gen:Application.Heur.mmHfkmjPu3mO
11.2015-03-01_7

G Data
Gen:Application.Heur.mmHfkmjPu3mO
15.1.24

Kaspersky
not-a-virus:HEUR:PSWTool.Win32.NetPass
14.0.0.2699

McAfee
HTool-PWSFFox
5600.6897

Microsoft Security Essentials
HackTool:Win32/BrowserPassview
1.11302

MicroWorld eScan
Gen:Application.Heur.mmHfkmjPu3mO
16.0.0.9

NANO AntiVirus
Riskware.Win32.PassView.dchbub
0.28.6.64267

Panda Antivirus
Trj/CI.A
15.01.03.05

Qihoo 360 Security
Malware.QVM01.Gen
1.0.0.1015

Reason Heuristics
PUP.Seznam (M)
16.10.19.12

Zillya! Antivirus
Backdoor.PePatch.Win32.42070
2.0.0.2009

File size:
198.7 KB (203,472 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\szn9ddf.tmp.exe

Digital Signature
Signed by:

Authority:
Thawte, Inc.

Valid from:
9/23/2014 2:00:00 AM

Valid to:
4/11/2015 1:59:59 AM

Subject:
CN="Seznam.cz, a.s.", O="Seznam.cz, a.s.", L=Praha 5, S=Praha 5, C=CZ

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
7328E1773A755016272BB51524E38F71

File PE Metadata
Compilation timestamp:
7/6/2014 6:50:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
3072:wswSY/2NMVTXJvk/i9QImLDDjb2PdREZ0VcQ1eGAQ0/2M1BiCCwN232DMdsGaJ1:wzSE2NgZhMXDjb2ffcnlQm518wN0QF3

Entry address:
0x5AF20

Entry point:
60, BE, 00, D0, 42, 00, 8D, BE, 00, 40, FD, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Packer / compiler:
UPX 2.90LZMA

Code size:
188 KB (192,512 bytes)

Remove szn9ddf.tmp.exe - Powered by Reason Core Security