Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File bot2.exe received on 2009.10.25 21:50:41 (UTC)
Current status: finished
Current status: finished
Result: 22/41 (53.66%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.41 | 2009.10.25 | Trojan-Spy.Win32.Zbot!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.10.23 | - |
| AntiVir | 7.9.1.44 | 2009.10.23 | TR/Spy.ZBot.dak |
| Antiy-AVL | 2.0.3.7 | 2009.10.23 | - |
| Authentium | 5.1.2.4 | 2009.10.25 | - |
| Avast | 4.8.1351.0 | 2009.10.25 | Win32:Spyware-gen |
| AVG | 8.5.0.423 | 2009.10.25 | PSW.Generic7.AGSF |
| BitDefender | 7.2 | 2009.10.25 | - |
| CAT-QuickHeal | 10.00 | 2009.10.24 | Trojan.Agent.ATV |
| ClamAV | 0.94.1 | 2009.10.25 | - |
| Comodo | 2730 | 2009.10.25 | TrojWare.Win32.TrojanSpy.Zbot.Gen |
| DrWeb | 5.0.0.12182 | 2009.10.25 | Trojan.PWS.Panda.122 |
| eSafe | 7.0.17.0 | 2009.10.25 | Win32.Horse |
| eTrust-Vet | 35.1.7082 | 2009.10.23 | Win32/Kollah.ART |
| F-Prot | 4.5.1.85 | 2009.10.25 | - |
| F-Secure | 9.0.15370.0 | 2009.10.22 | - |
| Fortinet | 3.120.0.0 | 2009.10.25 | - |
| GData | 19 | 2009.10.25 | Win32:Spyware-gen |
| Ikarus | T3.1.1.72.0 | 2009.10.25 | Trojan-Spy.Win32.Zbot |
| Jiangmin | 11.0.800 | 2009.10.24 | - |
| K7AntiVirus | 7.10.879 | 2009.10.24 | - |
| Kaspersky | 7.0.0.125 | 2009.10.25 | Trojan-Spy.Win32.Zbot.acnz |
| McAfee | 5782 | 2009.10.25 | - |
| McAfee+Artemis | 5782 | 2009.10.25 | Artemis!D0ECBFF048F4 |
| McAfee-GW-Edition | 6.8.5 | 2009.10.25 | Heuristic.LooksLike.Trojan.Crypt.ZPACK.B |
| Microsoft | 1.5202 | 2009.10.25 | - |
| NOD32 | 4541 | 2009.10.25 | Win32/Spy.Zbot.UN |
| Norman | 6.03.02 | 2009.10.23 | - |
| nProtect | 2009.1.8.0 | 2009.10.25 | - |
| Panda | 10.0.2.2 | 2009.10.25 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.10.19 | - |
| Prevx | 3.0 | 2009.10.25 | Medium Risk Malware |
| Rising | 21.52.62.00 | 2009.10.25 | Packer.Win32.Agent.bk |
| Sophos | 4.46.0 | 2009.10.25 | Mal/Generic-A |
| Sunbelt | 3.2.1858.2 | 2009.10.25 | - |
| Symantec | 1.4.4.12 | 2009.10.25 | Trojan Horse |
| TheHacker | 6.5.0.2.053 | 2009.10.24 | - |
| TrendMicro | 8.950.0.1094 | 2009.10.25 | PAK_Generic.001 |
| VBA32 | 3.12.10.11 | 2009.10.23 | - |
| ViRobot | 2009.10.23.2003 | 2009.10.23 | - |
| VirusBuster | 4.6.5.0 | 2009.10.25 | TrojanSpy.ZBot.NSG |
| Additional information |
|---|
| File size: 92672 bytes |
| MD5 : d0ecbff048f40385ca1da41b7a45987b |
| SHA1 : 9cbb53ff989bde29144d11f3979517ba14c1f904 |
| SHA256: 195bd2203a072313b5bc0ed37a602334a9a839e20963d58812d17c69d530a411 |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x1000 timedatestamp.....: 0x4ADD9334 (Tue Oct 20 12:38:44 2009) machinetype.......: 0x14C (Intel I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .data1 0x1000 0x49 0x200 1.13 2dc1f8628ae9e547264b868b77afcce2 .data 0x2000 0x1498D 0x14A00 7.99 b6c279fe6aa84b4ccadf99cc83ea2a4f .code 0x17000 0x939 0xA00 6.92 efffe0f449dbc1224e01d0e7db17cbd0 .reloc 0x18000 0xD0E 0xE00 5.68 d128414839518134e42fd47e09aba8ff .rsrc 0x19000 0x256 0x400 3.87 e3283515c61b68c94580133a5538fba9 ( 4 imports ) > advapi32.dll: GetPrivateObjectSecurity, RegCloseKey, RegDeleteKeyA, RegDeleteValueA, RegEnumKeyA, RegEnumKeyExA, RegEnumValueA, RegGetKeySecurity, RegLoadKeyA, RegOpenKeyA, RegQueryValueA, RevertToSelf, SetTokenInformation > gdi32.dll: AddFontResourceA, CloseFigure, CreateBrushIndirect, DeleteObject, FillPath, GetDeviceCaps, GetNearestColor, SetBkColor, SetTextColor > kernel32.dll: AddAtomA, BackupSeek, CloseHandle, FindAtomA, GetCPInfo, GetCommandLineA, GetCurrencyFormatA, GetDiskFreeSpaceA, GetExitCodeProcess, GetFileSize, GetLastError, GetModuleHandleA, GetProcAddress, GetProcessHeap, GetTickCount, GetVersion, GlobalLock, IsDebuggerPresent, LoadLibraryA, SearchPathA, SuspendThread, SwitchToFiber, SwitchToThread, UnmapViewOfFile, VirtualAlloc, VirtualFree, lstrcatA, lstrcmpA, lstrcpyA, lstrlenA > user32.dll: BeginPaint, ClientToScreen, ClipCursor, EndDialog, EqualRect, FindWindowExA, GetMenu, GetMessagePos, GetTopWindow, InvalidateRect, IsCharUpperA, LoadCursorA, MonitorFromRect, PostQuitMessage, SetCaretPos, ShowCaret, ShowCursor, SwitchDesktop, TrackMouseEvent, TrackPopupMenuEx, UpdateWindow ( 0 exports ) |
| TrID : File type identification Generic Win/DOS Executable (49.6%) DOS Executable Generic (49.5%) VXD Driver (0.7%) |
| ThreatExpert: http://www.threatexpert.com/report.aspx?md5=d0ecbff048f40385ca1da41b7a45987b |
| ssdeep: 1536:wcHoFBBzQwu6ZFQeKIkF8yW7imPibvruf1anOPjzzpYMWzJ0oB0FmS/k+ne/hfdb:BHoqKFY5nWGoibidamRYMI0O0FmSc+nu |
| Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=ED49FEA200E92A346A000165D7E80E0068418DD8 |
| PEiD : - |
| RDS : NSRL Reference Data Set - |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
