Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File js.jpg received on 2009.07.27 08:37:25 (UTC)
Current status: finished
Current status: finished
Result: 18/40 (45.00%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.24 | 2009.07.27 | Trojan-Banker.Win32.Banker!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.07.27 | - |
| AntiVir | 7.9.0.228 | 2009.07.27 | TR/Spy.Banker.Gen |
| Antiy-AVL | 2.0.3.7 | 2009.07.27 | Trojan/Win32.Banker.gen |
| Authentium | 5.1.2.4 | 2009.07.26 | W32/D_Banker!Generic |
| Avast | 4.8.1335.0 | 2009.07.26 | Win32:Rootkit-gen |
| AVG | 8.5.0.387 | 2009.07.26 | - |
| BitDefender | 7.2 | 2009.07.27 | - |
| CAT-QuickHeal | 10.00 | 2009.07.27 | - |
| ClamAV | 0.94.1 | 2009.07.27 | - |
| Comodo | 1780 | 2009.07.27 | - |
| DrWeb | 5.0.0.12182 | 2009.07.27 | - |
| eSafe | 7.0.17.0 | 2009.07.26 | - |
| eTrust-Vet | 31.6.6640 | 2009.07.25 | - |
| F-Prot | 4.4.4.56 | 2009.07.26 | W32/D_Banker!Generic |
| F-Secure | 8.0.14470.0 | 2009.07.27 | - |
| Fortinet | 3.120.0.0 | 2009.07.27 | - |
| GData | 19 | 2009.07.27 | Win32:Rootkit-gen |
| Ikarus | T3.1.1.64.0 | 2009.07.27 | Trojan-Banker.Win32.Banker |
| Jiangmin | 11.0.800 | 2009.07.27 | - |
| K7AntiVirus | 7.10.802 | 2009.07.25 | - |
| Kaspersky | 7.0.0.125 | 2009.07.27 | - |
| McAfee | 5689 | 2009.07.26 | PWS-Banker.gen.b |
| McAfee+Artemis | 5689 | 2009.07.26 | Artemis!3F65C636FE54 |
| McAfee-GW-Edition | 6.8.5 | 2009.07.27 | Trojan.Spy.Banker.Gen |
| Microsoft | 1.4903 | 2009.07.27 | TrojanSpy:Win32/Bancos.gen!C |
| NOD32 | 4280 | 2009.07.26 | a variant of Win32/Spy.Banker.QEO |
| Norman | 6.01.09 | 2009.07.24 | - |
| nProtect | 2009.1.8.0 | 2009.07.27 | Trojan-Spy/W32.Banker.4317184 |
| Panda | 10.0.0.14 | 2009.07.26 | Trj/CI.A |
| Prevx | 3.0 | 2009.07.27 | - |
| Rising | 21.40.02.00 | 2009.07.27 | - |
| Sophos | 4.44.0 | 2009.07.27 | Mal/DelpBanc-A |
| Sunbelt | 3.2.1858.2 | 2009.07.26 | Trojan-Spy.Win32.Banker.to |
| Symantec | 1.4.4.12 | 2009.07.27 | - |
| TheHacker | 6.3.4.3.374 | 2009.07.26 | - |
| TrendMicro | 8.950.0.1094 | 2009.07.27 | - |
| VBA32 | 3.12.10.9 | 2009.07.27 | suspected of Trojan-Spy.xBank.51 |
| ViRobot | 2009.7.27.1854 | 2009.07.27 | - |
| VirusBuster | 4.6.5.0 | 2009.07.26 | - |
| Additional information |
|---|
| File size: 4317184 bytes |
| MD5 : 3f65c636fe5439f3c68f3a1cd8fcf8ff |
| SHA1 : c067f90de67185207bc5bee76e2ea4cff24dcdf0 |
| SHA256: 717d203b493a0a506ab539ef39a75e60f51db1c58e99c475d6f352e89bbbee01 |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x26D5001 timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992) machinetype.......: 0x14C (Intel I386) ( 10 sections ) name viradd virsiz rawdsiz ntrpy md5 CODE 0x1000 0xED000 0x4F400 8.00 d45ea842e73acb93062ae38678e0f52b DATA 0xEE000 0x3000 0x1400 7.88 d30987bf746d785b6be7fe1db9070b4c BSS 0xF1000 0x2000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .idata 0xF3000 0x3000 0x1000 7.62 3dcafeaaae77ad2e642b32ca3075ba23 .tls 0xF6000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rdata 0xF7000 0x1000 0x200 0.21 4a3faa76913cfaa52790cde460366e8b .reloc 0xF8000 0x11000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rsrc 0x109000 0x25CC000 0x3CA800 7.99 63c0f37e32f22347937bb117d7c78570 .aspack 0x26D5000 0x2000 0x1A00 5.74 b9a50f46dc0036c3e4f0159eccad36c2 .adata 0x26D7000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e ( 10 imports ) > advapi32.dll: RegQueryValueExA, RegSetValueExA > comctl32.dll: ImageList_SetIconSize > gdi32.dll: UnrealizeObject > kernel32.dll: GetProcAddress, GetModuleHandleA, LoadLibraryA > ole32.dll: CreateStreamOnHGlobal > oleaut32.dll: SysFreeString, SafeArrayPtrOfIndex, GetErrorInfo > user32.dll: GetKeyboardType, CreateWindowExA, DdeCmpStringHandles > version.dll: VerQueryValueA > wininet.dll: InternetGetConnectedState > wsock32.dll: WSACleanup ( 0 exports ) |
| TrID : File type identification Win32 Executable Generic (68.0%) Generic Win/DOS Executable (15.9%) DOS Executable Generic (15.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| ssdeep: 98304:OEz4hd04HxO2w2JjO1mFVtACJSssCMIuI7hE0/OZ1jKsaSvRHcJ/OhfO:Jz0dVHU2ftO4m2Ss2IHEKOZ1KIvR8J2h |
| Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=3DF61E4000E920E0E0DF4166F6CDCB005FF48FC7 |
| PEiD : ASPack v2.12 |
| packers (Kaspersky): ASPack, UPX |
| packers (F-Prot): Aspack |
| packers (Authentium): Aspack |
| RDS : NSRL Reference Data Set - |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
