home

tmp1b13.exe

Laufradeintritten

6 Wunderkinder GmbH

Publisher:
Lostramo  (signed by 6 Wunderkinder GmbH)

Product:
Laufradeintritten

Description:
Lostramo

Version:
6.07.0005

MD5:
e35625dac1d9f20c72116d2524647450

SHA-1:
c9c0a338b2a52a6a1cace6945b57a37c2c9f4bf0

SHA-256:
b65fc951da945dafd2b7dfe4ebb7127587660d77bfc7584ba6dae9c8b1f74f99

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/27/2024 3:06:53 AM UTC  (today)

File size:
179.2 KB (183,456 bytes)

Product version:
6.07.0005

Original file name:
Lostramo.exe

File type:
Executable application (Win32 EXE)

Language:
Arabic (Saudi Arabia)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\tmp1b13.exe

Digital Signature
Signed by:
6 Wunderkinder GmbH

Authority:
Symantec Corporation

Valid from:
1/8/2016 3:00:00 AM

Valid to:
2/7/2017 2:59:59 AM

Subject:
CN=6 Wunderkinder GmbH, O=6 Wunderkinder GmbH, L=Berlin, S=Berlin, C=DE

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
36C84D4A1289E42DE51C84FAD2683E03

File PE Metadata
Compilation timestamp:
2/22/2016 10:55:23 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:DryK8FnvqbnsfDKD1/d+otY8ooHHmCR23nUj:DryVNAdPtY8BHHmq2

Entry address:
0x2938

Entry point:
68, E4, 64, 41, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 3D, 24, DE, CE, A4, F0, 6B, 40, 93, D0, B4, 99, F1, 6A, 81, 11, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 46, 61, 68, 72, 7A, 65, 75, 67, 74, 65, 69, 6C, 65, 32, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 03, 48, 00, 63, DC, 82, 11, 5F, 4A, 83, FB, 94, E5, 22, 71, 60, C1, BC, 02, 4D, 4A, 7B, 36, 6B, 4A, 8F, D6, 25, 21, F2, 9D, 02, A4, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
6.4630

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
152 KB (155,648 bytes)

Scan tmp1b13.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.