Virustotal. MD5: 85b140f7cdd497478a033d518d5b2a58 Trojan Horse Generic.dx Suspicious:W32/Malware!Gemini

File malware.exe received on 2008.12.02 22:05:15 (UTC)
Current status: finished

Result: 21/37 (56.76%)

Antivirus	Version	Last Update	Result
AhnLab-V3	2008.12.2.2	2008.12.02	-
AntiVir	7.9.0.36	2008.12.02	TR/Crypt.XPACK.Gen
Authentium	5.1.0.4	2008.12.02	-
Avast	4.8.1281.0	2008.12.02	Win32:Trojan-gen {Other}
AVG	8.0.0.199	2008.12.02	Generic10.BATL
BitDefender	7.2	2008.12.02	Backdoor.Rustock.NDY
CAT-QuickHeal	10.00	2008.12.02	(Suspicious) - DNAScan
ClamAV	0.94.1	2008.12.02	-
DrWeb	4.44.0.09170	2008.12.02	-
eSafe	7.0.17.0	2008.12.02	Suspicious File
eTrust-Vet	31.6.6239	2008.12.02	Win32/VMalum.EEQE
Ewido	4.0	2008.12.02	-
F-Prot	4.4.4.56	2008.12.02	-
F-Secure	8.0.14332.0	2008.12.02	Suspicious:W32/Malware!Gemini
Fortinet	3.117.0.0	2008.12.02	W32/TibsPak
GData	19	2008.12.02	Backdoor.Rustock.NDY
Ikarus	T3.1.1.45.0	2008.12.02	Trojan.Crypt.XPACK
K7AntiVirus	7.10.540	2008.12.02	Backdoor.Win32.Rustock.NDY
Kaspersky	7.0.0.125	2008.12.02	-
McAfee	5452	2008.12.02	Generic.dx
McAfee+Artemis	5452	2008.12.02	Generic.dx
Microsoft	1.4104	2008.12.02	-
NOD32	3658	2008.12.02	probably unknown NewHeur_PE
Norman	5.80.02	2008.12.02	-
Panda	9.0.0.4	2008.12.02	Generic Malware
PCTools	4.4.2.0	2008.12.02	-
Prevx1	V2	2008.12.02	-
Rising	21.06.12.00	2008.12.02	-
SecureWeb-Gateway	6.7.6	2008.12.02	Trojan.Crypt.XPACK.Gen
Sophos	4.36.0	2008.12.02	Mal/TibsPak
Sunbelt	3.1.1832.2	2008.12.01	Backdoor.Rustock
Symantec	10	2008.12.02	Trojan Horse
TheHacker	6.3.1.2.172	2008.12.02	-
TrendMicro	8.700.0.1004	2008.12.02	-
VBA32	3.12.8.10	2008.12.02	suspected of Malware-Cryptor.Win32.General.3
ViRobot	2008.12.2.1496	2008.12.02	-
VirusBuster	4.5.11.0	2008.12.02	-

Additional information
File size: 69632 bytes
MD5...: 85b140f7cdd497478a033d518d5b2a58
SHA1..: b6ae884d88d3569e5d5d87a1fb4d6f24c036e33b
SHA256: 033aec292397b10a5e3481be361ee8c6aa24b25d29b45d2cc4a0db8c056fb318
SHA512: e9f37939e16b38b9eb78c6aec26caae1e211cad87b5385cf00a6627ae4c66640 eb881fc05f417ff825d158a734dae723b0a3ab8571e2ed5350a03231e7cb9904
ssdeep: 1536:d9tseWjZW5vCuen/oJJv3IlkWI4t7jn1yeDCU+WCLGYmV0qZmXLM1mO:jts fjZW5qTnwzPWI+xyeDCU+PyYmm6m
PEiD..: -
TrID..: File type identification Generic Win/DOS Executable (49.6%) DOS Executable Generic (49.5%) VXD Driver (0.7%)
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x40116b timedatestamp.....: 0x4873a357 (Tue Jul 08 17:26:47 2008) machinetype.......: 0x14c (I386) ( 2 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x1d5 0x200 4.66 d1a5b263f91a58cc2067df83e628f743 .data 0x2000 0x10b7c 0x10c00 7.99 c83901aa237d31b9b953b5a3a5a03f66 ( 1 imports ) > kernel32.dll: CreateFileMappingA, GetFileType, WriteFile, HeapFree, DeleteAtom, GetFileSize, lstrcat, ReadFile, DeviceIoControl, DuplicateHandle, GetFileTime, CreateFileW, SetFilePointer, CopyFileA, FindAtomA, GetDriveTypeA, SetEvent ( 0 exports )
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=85b140f7cdd497478a033d518d5b2a58
packers (Kaspersky): PE_Patch

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.


	Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...

Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...