home

tmp.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from www.ugr.es.
MD5:
26d02bed59fc0ba3fa19e21051624aaf

SHA-1:
788c4b1dd892a67e2a331e1b041d7a3b8585f2d5

SHA-256:
accd9034b121f14b5c1fdfae8dbfe1fc9a23870f2dd150386584d2d3bd17cdb9

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/23/2024 10:34:57 AM UTC  (today)

Scan engine
Detection
Engine version

Trend Micro House Call
TROJ_GEN.F47V0330
7.2.203

File size:
110 KB (112,678 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\tmp.exe

File PE Metadata
Compilation timestamp:
3/26/2050 2:07:30 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
2.25

CTPH (ssdeep):
1536:MfpD9Yav4ghLsMEpGJb2qqGcjuosSXaxYdh:MfpDPv4APbPqGu5Xak

Entry address:
0x10000

Entry point:
A1, 59, 00, 42, 00, C1, E0, 02, A3, 5D, 00, 42, 00, 57, 51, 33, C0, BF, F0, 17, 42, 00, B9, 5C, 64, 88, 00, 3B, CF, 76, 05, 2B, CF, FC, F3, AA, 59, 5F, 64, 67, 8B, 16, 04, 00, 8B, 42, F8, A3, 61, 00, 42, 00, 8B, 42, FC, A3, 65, 00, 42, 00, 83, EA, 04, 89, 15, 34, 60, 88, 00, 83, EA, 04, 3B, D4, 73, 02, 8B, E2, 6A, 00, E8, EE, B2, 00, 00, 59, 68, 2C, 00, 42, 00, 6A, 00, E8, CB, F2, 00, 00, A3, 6A, 00, 42, 00, 6A, 00, E9, AE, F0, 00, 00, E9, 89, B3, 00, 00, 00, 55, 8B, EC, 83, C4, F4, 8B, 45, 08, 85, C0, 7D...
 
[+]

Code size:
61 KB (62,464 bytes)

The file tmp.exe has been seen being distributed by the following URL.

http://www.ugr.es/local/.../TMP.EXE

Scan tmp.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.