tplistubsetup.exe

The application tplistubsetup.exe has been detected as a potentially unwanted program by 21 anti-malware scanners. The file has been seen being downloaded from securehost-2.com.
MD5:
9ef859324148882dc169b1ee5a985e02

SHA-1:
612b1620200e757139a52700f1aefc846187c6a1

SHA-256:
65de26a66715d56f8620644e07296cfb0a433ee2c141c5613f246f839fd0c3ae

Scanner detections:
21 / 68

Status:
Potentially unwanted

Analysis date:
12/25/2024 5:57:48 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Lavasoft Ad-Aware | Trojan.GenericKD.2140439 | 376 |
| Agnitum Outpost | Riskware.Agent | 7.1.1 |
| avast! | Win32:Malware-gen | 2014.9-160125 |
| Baidu Antivirus | PUA.Win32.DealPly | 4.0.3.16125 |
| Bitdefender | Trojan.GenericKD.2140439 | 1.0.20.125 |
| Comodo Security | ApplicUnwnt | 21941 |
| Emsisoft Anti-Malware | Trojan.GenericKD.2140439 | 8.16.01.25.09 |
| ESET NOD32 | Win32/DealPly.AG potentially unwanted (variant) | 10.11554 |
| F-Prot | W32/Symmi.BG.gen | v6.4.7.1.166 |
| F-Secure | Trojan.GenericKD.2140439 | 11.2016-25-01_2 |
| G Data | Trojan.GenericKD.2140439 | 16.1.25 |
| IKARUS anti.virus | Win32.SuspectCrc | t3scan.1.8.9.0 |
| K7 AntiVirus | Adware | 13.203.15753 |
| McAfee | Artemis!9EF859324148 | 5600.6510 |
| MicroWorld eScan | Trojan.GenericKD.2140439 | 17.0.0.75 |
| nProtect | Trojan.GenericKD.2140439 | 15.04.29.01 |
| Panda Antivirus | Trj/Genetic.gen | 16.01.25.09 |
| Sophos | Generic PUA GB | 4.98 |
| Trend Micro House Call | TROJ_GEN.R02KC0OBF15 | 7.2.25 |
| Trend Micro | TROJ_GEN.R02KC0OBF15 | 10.465.25 |
| VIPRE Antivirus | Trojan.Win32.Generic | 39804 |

File size:
406 KB (415,731 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\11\tplistubsetup.exe

File PE Metadata
Compilation timestamp:
6/19/1992 6:22:17 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
12288:Ir64qH8OZ4W9i78oNsx3erg6OIQPSwDXTsj3sa:541OWW9iooQOU64Soba

Entry address:
0x56FA8

Entry point:
55, 8B, EC, 83, C4, F0, B8, 10, 6E, 45, 00, E8, D8, FD, FA, FF, B8, 01, 00, 00, 00, E8, 9E, C0, FA, FF, 83, F8, 1D, 75, 46, D2, 0C, 02, 00, AB, E0, 03, 00, 8B, 81, EB, 00, DF, 34, 53, 00, 6F, 85, 02, 00, BC, CB, 74, 00, A1, 24, 18, 05, D2, 0C, 02, 00, AB, E0, 03, 00, 8B, 81, EB, 00, DF, 34, 53, 00, 6F, 85, 02, 00, BC, CB, 74, 00, A1, 24, 18, 05, E8, F0, B9, FA, FF, 83, F8, 5D, 0F, 84, 1B, 15, 00, 00, 68, 38, 85, 45, 00, 6A, 00, 6A, 00, 6A, 00, 33, C9, BA, 4C, 85, 45, 00, 33, C0, E8, FE, 94, FF, FF, E8, C9...
 

Entropy:
6.5838

Developed / compiled with:
Microsoft Visual C++

Code size:
349.5 KB (357,888 bytes)

The file tplistubsetup.exe has been seen being distributed by the following URL.
