home

webesc.tmp

Web Discover

The file webesc.tmp has been detected as malware by 1 anti-virus scanner.
Publisher:
Web Discover  (signed and verified)

Description:
Setup/Uninstall

Version:
51.52.0.0

MD5:
291d0b89b16db2f8b6a987faacd22bee

SHA-1:
68b82a8b14a23ff9b773cb84ed41cf1e7e65bd5e

SHA-256:
76822cf212ba55bfd86c5f6581697dbec6f8b3ee18dea9c879301a8280004815

Scanner detections:
1 / 68

Status:
Malware

Analysis date:
11/22/2024 9:49:03 AM UTC  (today)

Scan engine
Detection
Engine version

Reason Heuristics
PUP (M)
17.2.1.18

File size:
802.2 KB (821,472 bytes)

Language:
Language Neutral

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\webesc.tmp

Digital Signature
Signed by:
Web Discover

Authority:
Symantec Corporation

Valid from:
2/22/2016 6:00:00 PM

Valid to:
2/22/2017 5:59:59 PM

Subject:
CN=Web Discover, O=Web Discover, L=Wilmington, S=Delaware, C=US

Issuer:
CN=Symantec Class 3 SHA256 Code Signing CA, OU=Symantec Trust Network, O=Symantec Corporation, C=US

Serial number:
6A8AE55D88F918454899216E122FA657

File PE Metadata
Compilation timestamp:
6/19/1992 5:22:17 PM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

Entry address:
0x9A490

Entry point:
55, 8B, EC, 83, C4, F4, 53, 56, 57, E8, A6, 8E, F6, FF, E8, FD, B1, F6, FF, E8, 4C, BF, F6, FF, E8, 67, C3, F6, FF, E8, EA, F8, F6, FF, E8, FD, 66, F7, FF, E8, 60, 69, F7, FF, E8, B7, 88, F7, FF, E8, CA, EF, F7, FF, E8, C5, AE, F8, FF, E8, D8, 56, F9, FF, E8, BF, 69, F9, FF, E8, 42, 58, FB, FF, E8, 09, 5D, FB, FF, E8, 74, 66, FB, FF, E8, 53, 7A, FB, FF, E8, 46, 94, FB, FF, E8, 5D, D3, FB, FF, E8, BC, E2, FB, FF, E8, CF, F5, FB, FF, E8, 12, AD, FC, FF, E8, A9, 35, FD, FF, E8, 5C, F9, FD, FF, E8, 63, AE, FE...
 
[+]

Entropy:
6.2738

Developed / compiled with:
Microsoft Visual C++

Code size:
614 KB (628,736 bytes)

Remove webesc.tmp - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.