Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.41 | 2009.10.25 | Trojan-Spy.Win32.Zbot!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.10.23 | - |
| AntiVir | 7.9.1.44 | 2009.10.23 | TR/Crypt.ZPACK.Gen |
| Antiy-AVL | 2.0.3.7 | 2009.10.23 | Trojan/Win32.Zbot.gen |
| Authentium | 5.1.2.4 | 2009.10.24 | - |
| Avast | 4.8.1351.0 | 2009.10.25 | Win32:Malware-gen |
| AVG | 8.5.0.423 | 2009.10.25 | PSW.Generic7.AGYW |
| BitDefender | 7.2 | 2009.10.25 | Gen:Trojan.Heur.Zbot.fmW@cu28t7f |
| CAT-QuickHeal | 10.00 | 2009.10.24 | TrojanSpy.Zbot.gen |
| ClamAV | 0.94.1 | 2009.10.25 | - |
| Comodo | 2724 | 2009.10.25 | - |
| DrWeb | 5.0.0.12182 | 2009.10.25 | - |
| eSafe | 7.0.17.0 | 2009.10.22 | - |
| eTrust-Vet | 35.1.7082 | 2009.10.23 | - |
| F-Prot | 4.5.1.85 | 2009.10.24 | - |
| F-Secure | 9.0.15370.0 | 2009.10.22 | Gen:Trojan.Heur.Zbot.fmW@cu28t7f |
| Fortinet | 3.120.0.0 | 2009.10.25 | W32/Agent_bw.E!tr |
| GData | 19 | 2009.10.25 | Gen:Trojan.Heur.Zbot.fmW@cu28t7f |
| Ikarus | T3.1.1.72.0 | 2009.10.25 | Trojan-Spy.Win32.Zbot |
| Jiangmin | 11.0.800 | 2009.10.24 | - |
| K7AntiVirus | 7.10.879 | 2009.10.24 | Trojan.Win32.Malware.1 |
| Kaspersky | 7.0.0.125 | 2009.10.25 | Trojan-Spy.Win32.Zbot.gen |
| McAfee | 5781 | 2009.10.24 | Spy-Agent.bw.gen.e |
| McAfee+Artemis | 5781 | 2009.10.24 | Spy-Agent.bw.gen.e |
| McAfee-GW-Edition | 6.8.5 | 2009.10.25 | Heuristic.BehavesLike.Win32.Dropper.H |
| Microsoft | 1.5202 | 2009.10.25 | PWS:Win32/Zbot.gen!R |
| NOD32 | 4540 | 2009.10.25 | Win32/Spy.Zbot.UN |
| Norman | 6.03.02 | 2009.10.23 | W32/Zbot.MKF |
| nProtect | 2009.1.8.0 | 2009.10.25 | - |
| Panda | 10.0.2.2 | 2009.10.25 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.10.19 | - |
| Prevx | 3.0 | 2009.10.25 | High Risk Cloaked Malware |
| Rising | 21.52.62.00 | 2009.10.25 | - |
| Sophos | 4.46.0 | 2009.10.25 | Mal/Behav-353 |
| Sunbelt | 3.2.1858.2 | 2009.10.24 | Trojan-Spy.Win32.Zbot.gen (v) |
| Symantec | 1.4.4.12 | 2009.10.25 | Packed.Generic.232 |
| TheHacker | 6.5.0.2.053 | 2009.10.24 | - |
| TrendMicro | 8.950.0.1094 | 2009.10.25 | TSPY_ZBOT.SMO |
| VBA32 | 3.12.10.11 | 2009.10.23 | Malware-Cryptor.Win32.Vals.21 |
| ViRobot | 2009.10.23.2003 | 2009.10.23 | - |
| VirusBuster | 4.6.5.0 | 2009.10.24 | - |

| Additional information |
|---|
| File size: 88576 bytes |
| MD5 : 8bcee8bb6d6ca1fbcf429d335e49e5d7 |
| SHA1 : c302fffd644bc396928349a5e5b594851cd3ebd5 |
| SHA256: 47615fafb682198c12aabfd4cd609f9cb88f0f2f9c70a8fdbc2e1f87691a2d08 |
| PEInfo: PE Structure information ( base data ) |
| entrypointaddress: 0xBBD6 |
| timedatestamp: 0x47D5C950 (Tue Mar 11 00:50:40 2008) |
| machinetype: 0x14C (Intel I386) |
| ( 3 sections ) name, viradd, virsiz, rawdsiz, ntrpy, md5 |
| .text, 0x1000, 0x11195, 0x11200, 6.91, 689f7f2d82ff03371f3898974c0f1ed7 |
| .rdata, 0x13000, 0x41D0, 0x4200, 5.59, 32f2361ac168c6cdabfd09272b2c0b50 |
| .data, 0x18000, 0x147, 0x200, 1.36, d7c65dc737aca131bdff1a9d7adc7dce |
| ( 5 imports ) advapi32.dll, kernel32.dll, ole32.dll, shlwapi.dll, user32.dll |
| ( 0 exports ) |
| TrID : File type identification: Win32 Executable MS Visual C++ (generic) (65.2%); Win32 Executable Generic (14.7%); Win32 Dynamic Link Library (generic) (13.1%); Generic Win/DOS Executable (3.4%); DOS Executable Generic (3.4%) |
| ThreatExpert: http://www.threatexpert.com/report.aspx?md5=8bcee8bb6d6ca1fbcf429d335e49e5d7 |
| ssdeep: 1536:s8+LsB2sWhtu4OnTnv/X8sJeHO3LJBLvZ2w3Av8Ak3ecsUBGUFFTF9jgNg/PzyNb:s8hwU4OnTX88eHAHAwQEAk3enUBGkfM1 |
| Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=1B3F5D0C003056275ACC01BCBCE1F5008947EE77 |
| PEiD : - |
| RDS : NSRL Reference Data Set - |

ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.