Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.24 | 2009.10.05 | Trojan-Spy.Win32.Zbot!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.10.05 | - |
| AntiVir | 7.9.1.33 | 2009.10.05 | TR/Crypt.ZPACK.Gen |
| Antiy-AVL | 2.0.3.7 | 2009.10.05 | - |
| Authentium | 5.1.2.4 | 2009.10.04 | - |
| Avast | 4.8.1351.0 | 2009.10.04 | - |
| AVG | 8.5.0.420 | 2009.10.04 | PSW.Generic7.ACRD |
| BitDefender | 7.2 | 2009.10.05 | Trojan.Generic.2503904 |
| CAT-QuickHeal | 10.00 | 2009.10.05 | - |
| ClamAV | 0.94.1 | 2009.10.03 | - |
| Comodo | 2517 | 2009.10.05 | - |
| DrWeb | 5.0.0.12182 | 2009.10.05 | - |
| eSafe | 7.0.17.0 | 2009.10.04 | - |
| eTrust-Vet | 31.6.6777 | 2009.10.05 | Win32/Kollah.ART |
| F-Prot | 4.5.1.85 | 2009.10.04 | - |
| F-Secure | 8.0.14470.0 | 2009.10.05 | Trojan-Spy:W32/Zbot.gen!B |
| Fortinet | 3.120.0.0 | 2009.10.05 | W32/Agent_bw.D!tr |
| GData | 19 | 2009.10.05 | Trojan.Generic.2503904 |
| Ikarus | T3.1.1.72.0 | 2009.10.05 | Trojan-Spy.Win32.Zbot |
| Jiangmin | 11.0.800 | 2009.10.05 | - |
| K7AntiVirus | 7.10.861 | 2009.10.03 | - |
| Kaspersky | 7.0.0.125 | 2009.10.05 | Trojan-Spy.Win32.Zbot.gen |
| McAfee | 5761 | 2009.10.04 | Spy-Agent.bw.gen.d |
| McAfee+Artemis | 5761 | 2009.10.04 | Spy-Agent.bw.gen.d |
| McAfee-GW-Edition | 6.8.5 | 2009.10.05 | Heuristic.BehavesLike.Win32.AdSpyware.H |
| Microsoft | 1.5101 | 2009.10.05 | PWS:Win32/Zbot.gen!R |
| NOD32 | 4480 | 2009.10.05 | a variant of Win32/Kryptik.AET |
| Norman | 6.01.09 | 2009.10.05 | - |
| nProtect | 2009.1.8.0 | 2009.10.05 | - |
| Panda | 10.0.2.2 | 2009.10.04 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.10.05 | - |
| Prevx | 3.0 | 2009.10.05 | - |
| Rising | 21.49.22.00 | 2009.09.30 | Backdoor.Win32.Ntos.fv |
| Sophos | 4.45.0 | 2009.10.05 | Mal/Zbot-O |
| Sunbelt | 3.2.1858.2 | 2009.10.04 | Trojan-Spy.Win32.Zbot.gen (v) |
| Symantec | 1.4.4.12 | 2009.10.05 | Infostealer.Banker.C |
| TheHacker | 6.5.0.2.029 | 2009.10.05 | - |
| TrendMicro | 8.950.0.1094 | 2009.10.05 | TSPY_ZBOT.SMD |
| VBA32 | 3.12.10.11 | 2009.10.05 | Malware-Cryptor.Win32.Vals.11 |
| ViRobot | 2009.10.5.1970 | 2009.10.05 | - |
| VirusBuster | 4.6.5.0 | 2009.10.04 | - |

| Additional information |
|---|
| File size: 83456 bytes |
| MD5 : e095c261fb56b538c0b87dfeb912a2d7 |
| SHA1 : c07f0637686427fef4ce7aba9db6110c2b5721aa |
| SHA256: 5f50cc018d41b7b4b3984286f5b0e1c9b538cc28ff4b83196092f1f68ecb142d |
| PEInfo: PE Structure information ( base data ) |
| entrypointaddress: 0x9866 |
| timedatestamp: 0x48F3409F (Mon Oct 13 14:35:43 2008) |
| machinetype: 0x14C (Intel I386) |
| ( 3 sections ) |
| .text: viradd 0x1000, virsiz 0xFCB8, rawdsiz 0xFE00, ntrpy 6.94, md5 7a20c14a0e3feb5df26cfeedb31e9669 |
| .rdata: viradd 0x11000, virsiz 0x41B0, rawdsiz 0x4200, ntrpy 5.69, md5 ea7aa2c8c1b2e653cd05c0ce2fe5cc6b |
| .data: viradd 0x16000, virsiz 0x14A, rawdsiz 0x200, ntrpy 1.49, md5 714082b48854137092187fd41a7d5e83 |
| ( 5 imports ): advapi32.dll, kernel32.dll, ole32.dll, shlwapi.dll, user32.dll |
| ( 0 exports ) |
| TrID : File type identification: Win32 Executable MS Visual C++ (generic) (65.2%); Win32 Executable Generic (14.7%); Win32 Dynamic Link Library (generic) (13.1%); Generic Win/DOS Executable (3.4%); DOS Executable Generic (3.4%) |
| ThreatExpert: http://www.threatexpert.com/report.aspx?md5=e095c261fb56b538c0b87dfeb912a2d7 |
| ssdeep: 1536:y6G2m6Y44Gx53v1RcPZ99blGMXVmgsBDeLn4qRQLSvd16+aR:Zg6Y44GH/UZrblT3sZo4q2Ed16+ |
| Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=939B01BA00F3C7BB4692017F98B0DD007837B6AA |
| PEiD : - |
| RDS : NSRL Reference Data Set - |

ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.