» trz49eb.tmp
Overview
Analysis
File Details

trz49eb.tmp

The file trz49eb.tmp has been detected as malware by 26 anti-virus scanners.

File name:

trz49eb.tmp

MD5:

cdfebce5ebcf59121a246319cffba2c3

SHA-1:

e4f42e16c32b202a022c6e29aec13ba2b5f03f09

SHA-256:

c6104c9e1565e01b1a43a4376c9c00900a9592c5d1c43f97b0da4ef1ff449388

Scanner detections:

26 / 68

Status:

Malware

Analysis date:

11/29/2024 4:45:07 AM UTC (today)

Scan engine

Detection

Engine version

Lavasoft Ad-Aware

Gen:Variant.Kazy.344066

-40

AhnLab V3 Security

Backdoor/Win32.Necurs

2014.03.08

Avira AntiVirus

TR/Crypt.Xpack.59797

7.11.135.160

avast!

Win32:Rootkit-gen [Rtk]

2014.9-170316

Baidu Antivirus

Trojan.Win32.Necurs

4.0.3.17316

Bitdefender

Gen:Variant.Kazy.344066

1.0.20.375

Bkav FE

HW32.CDB

1.3.0.4959

Comodo Security

UnclassifiedMalware

17899

Dr.Web

Trojan.Click3.5943

9.0.1.075

Emsisoft Anti-Malware

Gen:Variant.Kazy.344066

8.17.03.16.06

ESET NOD32

Win32/Kryptik.BVZO (variant)

11.9515

Fortinet FortiGate

W32/Necurs.TFX!tr

3/16/2017

F-Secure

Gen:Variant.Kazy.344066

11.2017-16-03_5

G Data

Gen:Variant.Kazy.344066

17.3.24

Kaspersky

Trojan-Dropper.Win32.Necurs

14.0.0.-1316

Malwarebytes

Trojan.Agent

v2017.03.16.06

McAfee

RDN/Generic Dropper!ty

5600.6094

Microsoft Security Essentials

Trojan:Win32/Necurs.A

1.10302

MicroWorld eScan

Gen:Variant.Kazy.344066

18.0.0.225

Panda Antivirus

Generic Malware

17.03.16.06

Qihoo 360 Security

HEUR/Malware.QVM20.Gen

1.0.0.1015

Rising Antivirus

PE:Malware.XPACK-HIE/Heur!1.9C48

23.00.65.17314

Sophos

Mal/Cridex-F

4.98

Trend Micro House Call

TROJ_GEN.R08NC0DC514

7.2.75

Trend Micro

TROJ_GEN.R08NC0DC514

10.465.16

VIPRE Antivirus

Trojan.Win32.Generic

27180

File size:

204 KB (208,896 bytes)

Common path:

C:\users\{user}\appdata\local\temp\trz49eb.tmp

File PE Metadata

Compilation timestamp:

2/6/2014 7:49:33 PM

OS version:

4.0

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

6.0

Entry address:

0x232CF

Entry point:

55, 8B, EC, 83, EC, 54, 53, 56, 57, 33, FF, 8D, 15, D0, 45, 43, 00, 89, 15, 00, 4E, 43, 00, FF, 35, 00, 4E, 43, 00, 8D, 05, C8, 45, 43, 00, A3, BC, 46, 43, 00, 8D, 15, 8C, 46, 43, 00, 52, FF, 35, 04, 4E, 43, 00, FF, 15, 0C, 50, 42, 00, A3, B8, 46, 43, 00, A1, BC, 46, 43, 00, 89, 45, F8, 8D, 0D, C4, 46, 43, 00, 89, 4D, C0, FF, 75, C0, FF, 15, E4, 50, 42, 00, A3, 50, 47, 43, 00, 6A, 00, FF, 15, 08, 50, 42, 00, A3, F4, 46, 43, 00, 8B, 45, F8, 89, 45, BC, FF, 75, BC, 68, F8, 46, 43, 00, FF, 15, DC, 50, 42, 00... 
[+]

Developed / compiled with:

Microsoft Visual C++

Code size:

141 KB (144,384 bytes)

Remove trz49eb.tmp - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.