Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File Giva.exe received on 2009.07.15 01:59:33 (UTC)
Current status: finished
Current status: finished
Result: 16/39 (41.03%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.22 | 2009.07.15 | Trojan-Banker.Win32.Banker!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.07.14 | - |
| AntiVir | 7.9.0.215 | 2009.07.14 | TR/Spy.Banker.Gen |
| Antiy-AVL | 2.0.3.1 | 2009.07.14 | - |
| Authentium | 5.1.2.4 | 2009.07.14 | W32/D_Banker!Generic |
| Avast | 4.8.1335.0 | 2009.07.14 | - |
| AVG | 8.5.0.387 | 2009.07.14 | - |
| BitDefender | 7.2 | 2009.07.15 | - |
| CAT-QuickHeal | 10.00 | 2009.07.14 | - |
| ClamAV | 0.94.1 | 2009.07.15 | - |
| Comodo | 1653 | 2009.07.15 | - |
| DrWeb | 5.0.0.12182 | 2009.07.14 | Trojan.AVKill.779 |
| eSafe | 7.0.17.0 | 2009.07.14 | - |
| eTrust-Vet | 31.6.6615 | 2009.07.14 | - |
| F-Prot | 4.4.4.56 | 2009.07.14 | W32/D_Banker!Generic |
| F-Secure | 8.0.14470.0 | 2009.07.15 | Trojan-Banker.Win32.Banker.etk |
| Fortinet | 3.120.0.0 | 2009.07.15 | - |
| GData | 19 | 2009.07.15 | - |
| Ikarus | T3.1.1.64.0 | 2009.07.15 | Trojan-Banker.Win32.Banker |
| Jiangmin | 11.0.706 | 2009.07.14 | - |
| K7AntiVirus | 7.10.792 | 2009.07.14 | - |
| Kaspersky | 7.0.0.125 | 2009.07.15 | Trojan-Banker.Win32.Banker.etk |
| McAfee | 5676 | 2009.07.14 | PWS-Banker.gen.b |
| McAfee+Artemis | 5676 | 2009.07.14 | PWS-Banker.gen.b |
| McAfee-GW-Edition | 6.8.5 | 2009.07.14 | Heuristic.LooksLike.Win32.Suspicious.H!88 |
| Microsoft | 1.4803 | 2009.07.14 | TrojanSpy:Win32/Bancos.gen!C |
| NOD32 | 4243 | 2009.07.14 | a variant of Win32/Spy.Banker.QEP |
| Norman | 6.01.09 | 2009.07.14 | - |
| nProtect | 2009.1.8.0 | 2009.07.15 | - |
| Panda | 10.0.0.14 | 2009.07.14 | Suspicious file |
| Rising | 21.38.14.00 | 2009.07.14 | - |
| Sophos | 4.43.0 | 2009.07.15 | Mal/DelpBanc-A |
| Sunbelt | 3.2.1858.2 | 2009.07.15 | - |
| Symantec | 1.4.4.12 | 2009.07.15 | - |
| TheHacker | 6.3.4.3.367 | 2009.07.14 | - |
| TrendMicro | 8.950.0.1094 | 2009.07.14 | - |
| VBA32 | 3.12.10.8 | 2009.07.15 | suspected of Trojan-Spy.xBank.51 |
| ViRobot | 2009.7.14.1835 | 2009.07.14 | - |
| VirusBuster | 4.6.5.0 | 2009.07.14 | - |
| Additional information |
|---|
| File size: 3202048 bytes |
| MD5 : 79dab0dec01a0b13991bdbc888ef6335 |
| SHA1 : 23346b62c59ebe6ffde474987aea921404d84d77 |
| SHA256: 092413c7e24e6ae3b7d0e6a3b9192eb631747f761030ae104051d72eb406478c |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1B09001 timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992) machinetype.......: 0x14C (Intel I386) ( 10 sections ) name viradd virsiz rawdsiz ntrpy md5 CODE 0x1000 0xED000 0x4F600 8.00 12041a3453a68606643c277d55b677d1 DATA 0xEE000 0x3000 0x1400 7.70 db607586b4a637d21721709ef9379789 BSS 0xF1000 0x2000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .idata 0xF3000 0x3000 0x1000 7.68 d0f4c2e77288647849493ad8483d7b8f .tls 0xF6000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rdata 0xF7000 0x1000 0x200 0.21 4a3faa76913cfaa52790cde460366e8b .reloc 0xF8000 0x11000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rsrc 0x109000 0x1A00000 0x2B3E00 8.00 0ee520e33736bb8673376f1b882f5e9d .aspack 0x1B09000 0x8000 0x7E00 5.33 da92a99df0d97caf059da51a572d4f05 .adata 0x1B11000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e ( 8 imports ) > advapi32.dll: RegQueryValueExA, RegSetValueExA, OpenSCManagerA > comctl32.dll: ImageList_SetIconSize > gdi32.dll: UnrealizeObject > kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA > ole32.dll: CreateStreamOnHGlobal > oleaut32.dll: SysFreeString, SafeArrayPtrOfIndex, GetErrorInfo > user32.dll: GetKeyboardType, CreateWindowExA, DdeCmpStringHandles > version.dll: VerQueryValueA ( 0 exports ) |
| TrID : File type identification Win32 Executable Generic (68.0%) Generic Win/DOS Executable (15.9%) DOS Executable Generic (15.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| ThreatExpert: http://www.threatexpert.com/report.aspx?md5=79dab0dec01a0b13991bdbc888ef6335 |
| ssdeep: 98304:F0MqArnWaBmWtZjppiWu21plQvYPcFb4dRxZtW:Fp1rWEVnNr/Cv9FOR |
| Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=59990C36009B4E8DDC6C308C37FAC100EFB77CBE |
| PEiD : ASPack v2.12 |
| packers (Kaspersky): ASPack |
| packers (F-Prot): Aspack |
| packers (Authentium): Aspack |
| RDS : NSRL Reference Data Set - |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
