Virus Total

VirusTotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

File ka.jpg received on 2009.10.30 23:58:54 (UTC)
Current status: finished
Result: 12/41 (29.27%)
Antivirus Version Last Update Result
a-squared 4.5.0.41 2009.10.30 -
AhnLab-V3 5.0.0.2 2009.10.30 -
AntiVir 7.9.1.53 2009.10.30 TR/Spy.Banker.Gen
Antiy-AVL 2.0.3.7 2009.10.30 -
Authentium 5.1.2.4 2009.10.30 W32/Downloader.X.gen!Eldorado
Avast 4.8.1351.0 2009.10.30 -
AVG 8.5.0.423 2009.10.30 -
BitDefender 7.2 2009.10.30 Gen:Trojan.Heur.@VW@rvbO9IfGy
CAT-QuickHeal 10.00 2009.10.30 -
ClamAV 0.94.1 2009.10.30 -
Comodo 2780 2009.10.30 -
DrWeb 5.0.0.12182 2009.10.30 -
eSafe 7.0.17.0 2009.10.29 -
eTrust-Vet 35.1.7094 2009.10.30 -
F-Prot 4.5.1.85 2009.10.30 W32/Downloader.X.gen!Eldorado
F-Secure 9.0.15370.0 2009.10.30 Gen:Trojan.Heur.@VW@rvbO9IfGy
Fortinet 3.120.0.0 2009.10.30 -
GData 19 2009.10.30 Gen:Trojan.Heur.@VW@rvbO9IfGy
Ikarus T3.1.1.72.0 2009.10.30 -
Jiangmin 11.0.800 2009.10.30 -
K7AntiVirus 7.10.884 2009.10.30 -
Kaspersky 7.0.0.125 2009.10.31 -
McAfee 5787 2009.10.30 -
McAfee+Artemis 5787 2009.10.30 -
McAfee-GW-Edition 6.8.5 2009.10.30 Trojan.Spy.Banker.Gen
Microsoft 1.5202 2009.10.30 TrojanSpy:Win32/Banker.USY
NOD32 4559 2009.10.30 probably a variant of Win32/Spy.Banker.QEO
Norman 6.03.02 2009.10.30 -
nProtect 2009.1.8.0 2009.10.30 -
Panda 10.0.2.2 2009.10.30 Suspicious file
PCTools 7.0.3.5 2009.10.30 -
Prevx 3.0 2009.10.31 -
Rising 21.53.43.00 2009.10.30 -
Sophos 4.47.0 2009.10.30 Sus/UnkPacker
Sunbelt 3.2.1858.2 2009.10.30 -
Symantec 1.4.4.12 2009.10.31 -
TheHacker 6.5.0.2.056 2009.10.28 -
TrendMicro 8.950.0.1094 2009.10.30 Cryp_Opet-3
VBA32 3.12.10.11 2009.10.30 -
ViRobot 2009.10.30.2013 2009.10.30 -
VirusBuster 4.6.5.0 2009.10.30 -
Additional information
File size: 5070336 bytes
MD5   : 7d42f7b7b5f05dc77157648b049ed85d
SHA1  : c122e833d085ae031f73737d5a213319e72e0d03
SHA256: 61032ab7e42c7d1cde7ef77dae12c761131539f84afe669ab60ff7379a27cae7
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x14939FC
timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992)
machinetype.......: 0x14C (Intel I386)

( 11 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x104670 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
DATA 0x106000 0x2D84 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
BSS 0x109000 0x11F9 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x10B000 0x2A86 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.tls 0x10E000 0x10 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x10F000 0x18 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.UPX0 0x110000 0x11AC0 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x122000 0xE3CC00 0x2000 3.85 43f15b2e9a2f9ec4fad526946ce75c11
.UPX1 0xF5F000 0xDB4D0 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.UPX2 0x103B000 0x4D3674 0x4D3800 7.92 0ef1eb1bffad9284c3d8cd2e73dd8c2f
.reloc 0x150F000 0x12C 0x200 3.14 5baa04014c4f23f718e8733f8f0e1d3f

( 10 imports )

> advapi32.dll: RegOpenKeyExA
> comctl32.dll: ImageList_BeginDrag
> gdi32.dll: CreateEnhMetaFileA
> kernel32.dll: GetModuleFileNameA, GetModuleHandleA, LoadLibraryA, VirtualAlloc, VirtualFree, GetModuleFileNameA, ExitProcess
> ole32.dll: StringFromCLSID
> oleaut32.dll: VariantInit
> urlmon.dll: URLDownloadToFileA
> user32.dll: IsDialogMessageA, MessageBoxA
> version.dll: VerQueryValueA
> wininet.dll: InternetGetConnectedState

( 1 exports )

> UTS_wg__M1_w__xpj_yf_AG@bFDIP4jw___7Gk_YZ__R_w_g9_h_4_XGpv6__o___DQ__n8____N_Y@_XOE__9_BZ_JbU_Ps0 s_vL_NjH__Kr___2n__Uqo_PZ__Xw_j2__DG__L_VQsta8s__VO2__3_Vjo__$_T_jVRA_____pDB_n7H0p5Og__A7_r5yoyA__c_5_2_T_cTvkL_lNlpcW_D6__e9_Pyv____qqgCk_____OA5wu7W_j5__v2L1q7_@U_7_uC_.8_E_lUFpQ_LKR_ygq___UU_E8_A3xlo__zBBrmoHO_vm1__q_3v_X _pBn_la_t_s_I3 9bS0_X8OAzF_yD_yN7_9B_G__Pm7VpFJBv_poH___4xxKv_q1s_Q_r__nA__G5h_eY_m_uW_l__F0_g_i___c_8__s4l_L_jE_GPE_0_9G__qI____kE_hY_3cOH___CM____AWqa_nK3__WT2Q7GRr_TP__.w2Q___oi_x5lH_natP_gtmK6B_$__5KXp3 __w5_2v__.G6Oo_0Sm_@D_b_MW__3_A_eha_tE_O_0gz_6___j50_TZM_qX___e9_u3___6AVQf____LAy_5Sab_tNszf8__B_a_SDz_P_XQxo1XCj_0_gfZ___y__O8_of6w_I 73Vps_p_XqgH_9dPVhv_8j@4$luh__s__i_r@s06Vt_0sCsa___ieS1FBwj.CML_xW0U__U_B_ddOoVp_R_n___3h7FRw__KAN__ ___nTlBWmx@__wy6t__.4Y___l6CKVxaF7_IZ_bI_pUJ_5__LDQgsVtO44__9t2WE _rmF_5gT_Z_2Q5_$_9ZN___FKxgLAi_$A8J@Pr9__bq_bk__8gc_NZ4_UNq@__4____ 5_8b8At1__8_NG_q__har7$__e___U___mS______U7f3._wm@_w_Ha.M9Ww_gCP____j__6e____F2Ok_YV___K__m_z_T__$E$1_6_4JR1a_ZS_WA__Olv_bys5x___w_k_i5_8QnT415$__hRe_Y_jnXAsLUFl_YDp_O_Cia$_Ey1__ _m_7_ DXYJdnXh_Do__Km_81P4J_SmS_7__Ow_uj_4_4gW_F2FVlW__G_PpoyLsXN1 N .q_85_NVp@_zx_Y6_dkcGa_Z_0hl_9_913__I_j_Z_@_DQ7Lpn__y_Pv__$_Egb__h_A_ECPFY__
TrID  : File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 98304:cx1KKhvTVExGR7RZoEAkKiZG1/YLiWXEmztJIi6hUG4O0yfQo10aBfSvTQKc8pum:cSKhvWo7joSKiZGJYuWXEQI6lyfCaBfy
PEiD  : -
RDS   : NSRL Reference Data Set
-

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is no solution that offers a 100% effectiveness rate for detecting viruses and malware.
