Should I block it?
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections
Relationships
iatt.exe
MD5: | 68b7f7a26b76805432e3d50009d2ab1f |
SHA1: | 81e56adc6b071e6b65ddb0bfeca84b72e87c3a76 |
SHA256: | d14b66bd4c4c8f66a6edf2820fd4162d09b326beaf6a42014596571e81a1a503 |
Warning: 46 antivirus scanners have detected malware.
Overview
iatt.exe is malware that executes as a process with the local user's privileges, typically within the context of its parent sohcimp.exe (Sony Home Network Library by Sony Corporation). It has been configured with a firewall exception which allows both inbound and outbound network communication without being blocked. This particular version is usually found on Windows 7 Home Basic (6.1.7601.65536).
Details
File name: | iatt.exe |
Typical file path: | C:\windows\temp\iatt.exe |
Size: | 12.67 KB (12,970 bytes) |
Build date: | 2/21/2013 12:46 AM |
Digital DNA |
File packed: | No |
.NET CLR: | No |
Behaviors
Windows firewall allowed program
Exceptions allow programs to access the Internet through outbound connections
- Firewall exception for 'C:\Windows\TEMP\iatt.exe'
Malware detections
Based on 40+ industry antivirus scanners, 46 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Agnitum | 5.5.1.3 | Trojan.Agent!aOJ6b9AXNps |
AhnLab V3 Internet Security | 2013.10.04 | Trojan/Win32.CSon |
Avira AntiVir | 7.11.105.194 | TR/Proxy.Pramro.F.6 |
Antiy Labs AVL | 2.0.3.7 | Backdoor/Win32.Generic |
avast! | 8.0.1489.320 | Win32:Malware-gen |
AVG | 13.0.0.3169 | Downloader.Generic_r.OK |
Baidu Antivirus | 3.5.1.41473 | Backdoor.Win32.Pramro.40 |
BitDefender | 7.2 | Trojan.Agent.AZEE |
Bkav Security | 1.3.0.4246 | W32.ProxyPramroB.Trojan |
CAT Quick Heal | 10.13.12.00 | TrojanProxy.Pramro.cw3 |
Commtouch | 5.4.1.7 | W32/Backdoor.HRXC-6790 |
Comodo Internet Security | 17045 | Heur.Suspicious |
Dr.Web | 8.13.10.5 | BackDoor.Siggen.53696 |
Emsisoft Anti-Malware | 3.0.0.589 | Trojan.Win32.Agent (A) |
ESET NOD32 | 7.8873 | Win32/Agent.HLU |
Fortinet | 5.1.147.0 | W32/Agent.HLU!tr |
F-Prot | v6.4.7.1.166 | W32/Heuristic-170!Eldorado |
F-Secure | 11.0.19100.45 | Trojan.Agent.AZEE |
G Data | 13.10.22 | Trojan.Agent.AZEE |
Ikarus | T3.1.5.4.0 | Virus.Win32.Sality |
Jiangmin | 16.0.100 | Backdoor.Generic.eum |
K7 AntiVirus | 9.173.9777 | Proxy-Program |
K7GW | 12.7.0.14 | Proxy-Program |
Kaspersky | 9.0.0.837 | Trojan-Proxy.Win32.Agent.gml |
Kingsoft | 2013.4.9.267 | Win32.Hack.Undef.(kcloud) |
Malwarebytes | 1.75.0.1 | Trojan.Downloader |
McAfee | 5.600.1067 | Generic.oh |
McAfee Gateway Anti-Malware | v2013-dat | Generic.oh |
Microsoft Security Essentials | 1.9901.0 | TrojanProxy:Win32/Pramro.F |
eScan by MicroWorld | 12.0.250.0 | Trojan.Agent.AZEE |
NANO AntiVirus | 0.26.0.55203 | Trojan.Win32.Agent.bhwhup |
Norman | 7.02.06 | Pramro.B |
nProtect | 2013-10-04.01 | Trojan/W32.Agent_Packed.12970.G |
Panda Antivirus | 10.0.3.5 | Trj/Agent.IVN |
PC Tools | 9.0.0.2 | Trojan.Pramro |
Rising Antivirus | 24.81.06.04 | Trojan.Win32.Generic.141B6F5B |
Sophos | 4.93.0 | Mal/TinyDL-T |
SUPERAntiSpyware | 5.6.0.1032 | Trojan.Agent/Gen-FraudPack |
Symantec | 20131.1.5.61 | Trojan.Pramro |
The Hacker | 6.8.0.5.342 | Posible_Worm32 |
Total Defense | 37.0.10498 | Win32/Maazben!generic |
Trend Micro | 9.740.0.1012 | TROJ_PRAMRO.SMI |
Trend Micro HouseCall | 9.700.0.1001 | TROJ_GEN.R0CCH01H513 |
Vba32 AntiVirus | 3.12.24.3 | Malware-Cryptor.Zhelatin.Net |
VIPRE Antivirus | 22076 | Trojan.Win32.Generic!BT |
ViRobot | 2011.4.7.4223 | Trojan.Win32.Agent.12970 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU
Total CPU: | 0.00797745% |
Kernel CPU: | 0.00610620% |
User CPU: | 0.00187125% |
Kernel CPU time: | 484 ms/min |
Memory
Private memory: | 4.21 MB |
Private (maximum): | 7.66 MB |
Private (minimum): | 3.69 MB |
Non-paged memory: | 4.21 MB |
Virtual memory: | 69.02 MB |
Virtual memory (peak): | 90.24 MB |
Working set: | 3.71 MB |
Working set (peak): | 7.97 MB |
Resource allocations
Threads: | 6 |
Handles: | 143 |
GUI GDI count: | 4 |
GUI GDI peak: | 4 |
GUI USER count: | 1 |
GUI USER peak: | 1 |
Process properties
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Basic | 100.00% |
Distribution by PC manufacturer
PC Manufacturer | distribution |
Sony | 100.00% |