Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File yichu.exe received on 2009.03.12 21:42:08 (UTC)
Current status: finished
Current status: finished
Result: 0/39 (0.00%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.0.0.101 | 2009.03.12 | - |
| AhnLab-V3 | 5.0.0.2 | 2009.03.12 | - |
| AntiVir | 7.9.0.109 | 2009.03.12 | - |
| Authentium | 5.1.0.4 | 2009.03.12 | - |
| Avast | 4.8.1335.0 | 2009.03.11 | - |
| AVG | 8.0.0.237 | 2009.03.12 | - |
| BitDefender | 7.2 | 2009.03.12 | - |
| CAT-QuickHeal | 10.00 | 2009.03.12 | - |
| ClamAV | 0.94.1 | 2009.03.12 | - |
| Comodo | 1051 | 2009.03.12 | - |
| DrWeb | 4.44.0.09170 | 2009.03.12 | - |
| eSafe | 7.0.17.0 | 2009.03.12 | - |
| eTrust-Vet | None | 2009.03.09 | - |
| F-Prot | 4.4.4.56 | 2009.03.12 | - |
| F-Secure | 8.0.14470.0 | 2009.03.12 | - |
| Fortinet | 3.117.0.0 | 2009.03.12 | - |
| GData | 19 | 2009.03.12 | - |
| Ikarus | T3.1.1.45.0 | 2009.03.12 | - |
| K7AntiVirus | 7.10.668 | 2009.03.12 | - |
| Kaspersky | 7.0.0.125 | 2009.03.12 | - |
| McAfee | 5551 | 2009.03.12 | - |
| McAfee+Artemis | 5551 | 2009.03.12 | - |
| Microsoft | 1.4405 | 2009.03.12 | - |
| NOD32 | 3931 | 2009.03.12 | - |
| Norman | 6.00.06 | 2009.03.12 | - |
| nProtect | 2009.1.8.0 | 2009.03.12 | - |
| Panda | 10.0.0.10 | 2009.03.12 | - |
| PCTools | 4.4.2.0 | 2009.03.12 | - |
| Prevx1 | V2 | 2009.03.12 | - |
| Rising | 21.20.32.00 | 2009.03.12 | - |
| SecureWeb-Gateway | 6.7.6 | 2009.03.12 | - |
| Sophos | 4.39.0 | 2009.03.12 | - |
| Sunbelt | 3.2.1858.2 | 2009.03.12 | - |
| Symantec | 1.4.4.12 | 2009.03.12 | - |
| TheHacker | 6.3.3.0.280 | 2009.03.12 | - |
| TrendMicro | 8.700.0.1004 | 2009.03.12 | - |
| VBA32 | 3.12.10.1 | 2009.03.12 | - |
| ViRobot | 2009.3.12.1647 | 2009.03.12 | - |
| VirusBuster | 4.5.11.0 | 2009.03.12 | - |
| Additional information |
|---|
| File size: 262237 bytes |
| MD5...: 21770e626e1477f73dd1fad7f0263cd4 |
| SHA1..: 2016e46bff4ac06c9b0dc61985c2024821348f4e |
| SHA256: 866618f268f1a92485fc86da1a2852b846926ca4677b9e3653b0c1d455231a5f |
| SHA512: edccdaf85146bb7791c1cdae5ca4b179923b5b249e5d536b9647c6e80ead2af8 73ce35ce402481a41648b95f5c9a2416c998468428166bac34aed750531eaa8d |
| ssdeep: 3072:N5HrzRryCaDDXSHpB4meICcNGu6V0AEwi3oXiWF:jkCciHDBeICcN56VrE3 M |
| PEiD..: InstallShield 2000 |
| TrID..: File type identification Win32 Executable MS Visual C++ (generic) (65.2%) Win32 Executable Generic (14.7%) Win32 Dynamic Link Library (generic) (13.1%) Generic Win/DOS Executable (3.4%) DOS Executable Generic (3.4%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0xce10 timedatestamp.....: 0x48fd8a27 (Tue Oct 21 07:52:07 2008) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x32020 0x33000 4.18 09aabe6bd4cd4f956b7985febc739b5d .rdata 0x34000 0x308b 0x4000 3.27 0e24724c0cea7b13a09f9c88a2655e0d .data 0x38000 0x639c 0x5000 0.83 50e6d818b8efde9b60925b7224dcccc6 .idata 0x3f000 0xce7 0x1000 3.59 cb17d1ca490434ef91716fc65a52e64e .reloc 0x40000 0x1a70 0x2000 5.24 01791cbc687f8945c3cfa4f4644d137f ( 6 imports ) > KERNEL32.dll: DuplicateHandle, GetCurrentProcess, GetCurrentThread, InterlockedDecrement, GetEnvironmentVariableA, Sleep, VirtualProtectEx, WriteProcessMemory, OpenProcess, CreateThread, CloseHandle, LCMapStringW, LCMapStringA, SetStdHandle, ReadFile, GetOEMCP, GetACP, GetCPInfo, GetStringTypeW, GetStringTypeA, IsBadCodePtr, SetConsoleCtrlHandler, FlushFileBuffers, SetFilePointer, SetUnhandledExceptionFilter, GetStartupInfoA, GetFileType, lstrlenW, LocalFree, MultiByteToWideChar, RtlUnwind, IsBadWritePtr, IsBadReadPtr, HeapValidate, GetCommandLineA, GetVersion, ExitProcess, RaiseException, TerminateProcess, DebugBreak, GetStdHandle, WriteFile, OutputDebugStringA, GetProcAddress, LoadLibraryA, InterlockedIncrement, GetModuleFileNameA, HeapAlloc, HeapReAlloc, HeapFree, GetLastError, VirtualFree, VirtualAlloc, GetModuleHandleA, GetVersionExA, HeapDestroy, HeapCreate, UnhandledExceptionFilter, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount > ADVAPI32.dll: DuplicateTokenEx, CreateProcessAsUserA, OpenThreadToken, LookupAccountSidA, GetTokenInformation, SetThreadToken > ole32.dll: CoCreateInstance, CoInitialize > OLEAUT32.dll: -, -, -, -, -, -, -, - > WS2_32.dll: -, -, -, -, WSASocketA, - > PSAPI.DLL: GetModuleBaseNameA, EnumProcessModules ( 0 exports ) |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
