Should I block it?
Yes, 98% block recommendation.
Possible reason:
Multiple malware detections
Relationships
iatt.exe
| MD5: | 68b7f7a26b76805432e3d50009d2ab1f |
| SHA1: | 81e56adc6b071e6b65ddb0bfeca84b72e87c3a76 |
| SHA256: | d14b66bd4c4c8f66a6edf2820fd4162d09b326beaf6a42014596571e81a1a503 |
Warning: 46 antivirus scanners have detected malware.
Overview
iatt.exe is malware that executes as a process with the local user's privileges, typically within the context of its parent, sohcimp.exe (Sony Home Network Library by Sony Corporation). It has been configured with a firewall exception that allows both inbound and outbound network communication without being blocked. This particular version is usually found on Windows 7 Home Basic (6.1.7601.65536).
Details
| File name: | iatt.exe |
| Typical file path: | C:\windows\temp\iatt.exe |
| Size: | 12.67 KB (12,970 bytes) |
| Build date: | 2/21/2013 12:46 AM |
| Digital DNA |
| File packed: | No |
| .NET CLR: | No |
Behaviors
Windows firewall allowed program
Exceptions allow programs to access the Internet through outbound connections
- Firewall exception for 'C:\Windows\TEMP\iatt.exe'
Malware detections
Based on 40+ industry antivirus scanners, 46 of them detected the following malware.
| Antivirus engine | Engine version | Detection |
| Agnitum | 5.5.1.3 | Trojan.Agent!aOJ6b9AXNps |
| AhnLab V3 Internet Security | 2013.10.04 | Trojan/Win32.CSon |
| Avira AntiVir | 7.11.105.194 | TR/Proxy.Pramro.F.6 |
| Antiy Labs AVL | 2.0.3.7 | Backdoor/Win32.Generic |
| avast! | 8.0.1489.320 | Win32:Malware-gen |
| AVG | 13.0.0.3169 | Downloader.Generic_r.OK |
| Baidu Antivirus | 3.5.1.41473 | Backdoor.Win32.Pramro.40 |
| BitDefender | 7.2 | Trojan.Agent.AZEE |
| Bkav Security | 1.3.0.4246 | W32.ProxyPramroB.Trojan |
| CAT Quick Heal | 10.13.12.00 | TrojanProxy.Pramro.cw3 |
| Commtouch | 5.4.1.7 | W32/Backdoor.HRXC-6790 |
| Comodo Internet Security | 17045 | Heur.Suspicious |
| Dr.Web | 8.13.10.5 | BackDoor.Siggen.53696 |
| Emsisoft Anti-Malware | 3.0.0.589 | Trojan.Win32.Agent (A) |
| ESET NOD32 | 7.8873 | Win32/Agent.HLU |
| Fortinet | 5.1.147.0 | W32/Agent.HLU!tr |
| F-Prot | v6.4.7.1.166 | W32/Heuristic-170!Eldorado |
| F-Secure | 11.0.19100.45 | Trojan.Agent.AZEE |
| G Data | 13.10.22 | Trojan.Agent.AZEE |
| Ikarus | T3.1.5.4.0 | Virus.Win32.Sality |
| Jiangmin | 16.0.100 | Backdoor.Generic.eum |
| K7 AntiVirus | 9.173.9777 | Proxy-Program |
| K7GW | 12.7.0.14 | Proxy-Program |
| Kaspersky | 9.0.0.837 | Trojan-Proxy.Win32.Agent.gml |
| Kingsoft | 2013.4.9.267 | Win32.Hack.Undef.(kcloud) |
| Malwarebytes | 1.75.0.1 | Trojan.Downloader |
| McAfee | 5.600.1067 | Generic.oh |
| McAfee Gateway Anti-Malware | v2013-dat | Generic.oh |
| Microsoft Security Essentials | 1.9901.0 | TrojanProxy:Win32/Pramro.F |
| eScan by MicroWorld | 12.0.250.0 | Trojan.Agent.AZEE |
| NANO AntiVirus | 0.26.0.55203 | Trojan.Win32.Agent.bhwhup |
| Norman | 7.02.06 | Pramro.B |
| nProtect | 2013-10-04.01 | Trojan/W32.Agent_Packed.12970.G |
| Panda Antivirus | 10.0.3.5 | Trj/Agent.IVN |
| PC Tools | 9.0.0.2 | Trojan.Pramro |
| Rising Antivirus | 24.81.06.04 | Trojan.Win32.Generic.141B6F5B |
| Sophos | 4.93.0 | Mal/TinyDL-T |
| SUPERAntiSpyware | 5.6.0.1032 | Trojan.Agent/Gen-FraudPack |
| Symantec | 20131.1.5.61 | Trojan.Pramro |
| The Hacker | 6.8.0.5.342 | Posible_Worm32 |
| Total Defense | 37.0.10498 | Win32/Maazben!generic |
| Trend Micro | 9.740.0.1012 | TROJ_PRAMRO.SMI |
| Trend Micro HouseCall | 9.700.0.1001 | TROJ_GEN.R0CCH01H513 |
| Vba32 AntiVirus | 3.12.24.3 | Malware-Cryptor.Zhelatin.Net |
| VIPRE Antivirus | 22076 | Trojan.Win32.Generic!BT |
| ViRobot | 2011.4.7.4223 | Trojan.Win32.Agent.12970 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
| CPU |
| Total CPU: | 0.00797745% | |
| Kernel CPU: | 0.00610620% | |
| User CPU: | 0.00187125% | |
| Kernel CPU time: | 484 ms/min | |
| Memory |
| Private memory: | 4.21 MB | |
| Private (maximum): | 7.66 MB | |
| Private (minimum): | 3.69 MB | |
| Non-paged memory: | 4.21 MB | |
| Virtual memory: | 69.02 MB | |
| Virtual memory (peak): | 90.24 MB | |
| Working set: | 3.71 MB | |
| Working set (peak): | 7.97 MB | |
| Resource allocations |
| Threads: | 6 | |
| Handles: | 143 | |
| GUI GDI count: | 4 | |
| GUI GDI peak: | 4 | |
| GUI USER count: | 1 | |
| GUI USER peak: | 1 | |
Process properties
Distribution by Windows OS
| OS version | distribution |
| Windows 7 Home Basic | 100.00% |
Distribution by PC manufacturer
| PC Manufacturer | distribution |
| Sony | 100.00% |