Virus Total

Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

File tax_statement.exe received on 2009.09.10 01:07:19 (UTC)
Current status: finished
Result: 15/41 (36.59%)
Antivirus           Version        Last Update  Result
a-squared           4.5.0.24       2009.09.10   Trojan-Spy.Win32.Zbot!IK
AhnLab-V3           5.0.0.2        2009.09.09   -
AntiVir             7.9.1.14       2009.09.09   -
Antiy-AVL           2.0.3.7        2009.09.09   -
Authentium          5.1.2.4        2009.09.09   -
Avast               4.8.1351.0     2009.09.09   -
AVG                 8.5.0.412      2009.09.10   PSW.Generic7.ZDM
BitDefender         7.2            2009.09.10   Trojan.Spy.Zbot.BBR
CAT-QuickHeal       10.00          2009.09.09   -
ClamAV              0.94.1         2009.09.09   -
Comodo              2268           2009.09.10   -
DrWeb               5.0.0.12182    2009.09.10   -
eSafe               7.0.17.0       2009.09.09   -
eTrust-Vet          31.6.6728      2009.09.09   -
F-Prot              4.5.1.85       2009.09.09   -
F-Secure            8.0.14470.0    2009.09.10   Trojan-Spy:W32/Zbot.gen!B
Fortinet            3.120.0.0      2009.09.10   W32/Zbot!tr
GData               19             2009.09.10   Trojan.Spy.Zbot.BBR
Ikarus              T3.1.1.72.0    2009.09.10   Trojan-Spy.Win32.Zbot
Jiangmin            11.0.800       2009.09.09   -
K7AntiVirus         7.10.840       2009.09.09   -
Kaspersky           7.0.0.125      2009.09.10   Trojan-Spy.Win32.Zbot.gen
McAfee              5736           2009.09.09   -
McAfee+Artemis      5736           2009.09.09   Suspect-29!B459F8CA56D3
McAfee-GW-Edition   6.8.5          2009.09.09   Heuristic.BehavesLike.Win32.Dropper.H
Microsoft           1.5005         2009.09.09   PWS:Win32/Zbot.gen!R
NOD32               4412           2009.09.10   a variant of Win32/Kryptik.AET
Norman              6.01.09        2009.09.09   -
nProtect            2009.1.8.0     2009.09.09   -
Panda               10.0.2.2       2009.09.09   Suspicious file
PCTools             4.4.2.0        2009.09.09   -
Prevx               3.0            2009.09.10   -
Rising              21.46.24.00    2009.09.09   -
Sophos              4.45.0         2009.09.09   -
Sunbelt             3.2.1858.2     2009.09.10   -
Symantec            1.4.4.12       2009.09.10   Downloader
TheHacker           6.3.4.3.399    2009.09.09   -
TrendMicro          8.950.0.1094   2009.09.09   -
VBA32               3.12.10.10     2009.09.09   Malware-Cryptor.Win32.Kefir
ViRobot             2009.9.9.1925  2009.09.09   -
VirusBuster         4.6.5.0        2009.09.09   -
Additional information
File size: 95232 bytes
MD5   : b459f8ca56d3128317941cfb8789b661
SHA1  : dae4a23391300ad8a435a5bee96127c473229687
SHA256: 7aaadf291fc8557b758c83bed63b0ce7826bfeb04683da00c52da6b9e3643832
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x6FC2
timedatestamp.....: 0x4925A434 (Thu Nov 20 18:53:56 2008)
machinetype.......: 0x14C (Intel I386)

( 3 sections )
name    viradd   virsiz   rawdsiz  ntrpy  md5
.text   0x1000   0x12B75  0x12C00  6.96   b7ab6e4c7d0abc07301f036c2053fc23
.rdata  0x14000  0x4160   0x4200   5.56   ba6e212286f4384cbbcfc4333397672e
.data   0x19000  0x20E0   0x200    1.04   a35d705c944ebe4b7b1d44ecec02d085

( 5 imports )

> advapi32.dll: EnumDependentServicesW, ObjectCloseAuditAlarmW, CryptGetUserKey, PrivilegeCheck, IsValidSid, ConvertSecurityDescriptorToAccessNamedW, ObjectPrivilegeAuditAlarmW, IsTextUnicode, ReportEventA, CryptHashSessionKey, SetFileSecurityA, CryptDuplicateHash, SetEntriesInAuditListW, FreeSid, SetSecurityDescriptorDacl, QueryServiceLockStatusW, AreAllAccessesGranted, GetSecurityInfo, LookupPrivilegeDisplayNameW, InitializeAcl, GetSecurityInfoExA, GetSecurityDescriptorSacl, PrivilegedServiceAuditAlarmA, RegCreateKeyW, AllocateLocallyUniqueId, CreatePrivateObjectSecurity, RegQueryMultipleValuesA, GetAuditedPermissionsFromAclW, RegLoadKeyW, OpenEventLogW, GetServiceKeyNameW, ConvertSecurityDescriptorToAccessNamedA, GetOverlappedAccessResults, GetNamedSecurityInfoW, GetNamedSecurityInfoExW, RegDeleteKeyA, GetEffectiveRightsFromAclW, ObjectOpenAuditAlarmA, BuildExplicitAccessWithNameW, CryptContextAddRef, SetPrivateObjectSecurity, ChangeServiceConfigA, GetOldestEventLogRecord, CryptSetProvParam, AddAuditAccessAce, QueryServiceStatus, CryptReleaseContext, GetMultipleTrusteeW, CopySid, CryptEnumProvidersA, OpenEventLogA, RegSetValueExA, RegSetValueW, CryptSetProviderExW, QueryServiceLockStatusA, SetNamedSecurityInfoW, CryptSetHashParam, RegEnumValueW, RegGetKeySecurity, SetFileSecurityW, CryptDecrypt, CreateServiceW, RegQueryMultipleValuesW, BuildTrusteeWithNameA, BuildExplicitAccessWithNameA, AdjustTokenPrivileges, SetSecurityInfo, OpenServiceA, CryptVerifySignatureA, CreateServiceA, GetMultipleTrusteeOperationW, PrivilegedServiceAuditAlarmW, CryptEnumProviderTypesW, GetNamedSecurityInfoA, CreateProcessAsUserW, RegOpenKeyA, RegSetKeySecurity, ImpersonateSelf, SetNamedSecurityInfoA, LogonUserW, QueryServiceConfigA, CryptGenRandom, CryptGetHashParam, BuildImpersonateExplicitAccessWithNameW, EqualSid, RegCreateKeyA, LookupSecurityDescriptorPartsW, AccessCheckAndAuditAlarmA, SetEntriesInAclW, MapGenericMask, CryptDeriveKey, LookupSecurityDescriptorPartsA, 
NotifyBootConfigStatus, ObjectDeleteAuditAlarmA, OpenBackupEventLogW, BuildImpersonateTrusteeW, GetAccessPermissionsForObjectW, SetEntriesInAclA, ImpersonateNamedPipeClient, ReadEventLogA, RegReplaceKeyA, RegQueryValueA, RegConnectRegistryW, RegCreateKeyExW, RegUnLoadKeyW, SetSecurityInfoExA, OpenThreadToken, BackupEventLogA, DestroyPrivateObjectSecurity, CryptDuplicateKey, RegRestoreKeyW, RegEnumValueA, CryptGetDefaultProviderA
> kernel32.dll: GetProfileStringA, EnumDateFormatsA, SetSystemTime, lstrcat, VirtualProtect, lstrcatA, GetProcessAffinityMask, WriteConsoleOutputW, GetAtomNameA, CreateEventA, GetCurrencyFormatA, ExitProcess, EnumDateFormatsExA, GetMailslotInfo, FillConsoleOutputCharacterA, GetAtomNameW, EnumResourceLanguagesA, GetProfileSectionW, Module32First, WaitForDebugEvent, GetCurrentProcessId, VirtualAlloc, UnmapViewOfFile, CopyFileA, GlobalUnlock, GetLogicalDriveStringsA, GetHandleInformation, SetThreadLocale, GetTapePosition, SetConsoleOutputCP, GetCurrentDirectoryW, FatalAppExitW, GetProfileSectionA, CreateToolhelp32Snapshot, OpenFileMappingA, SetProcessAffinityMask, LocalUnlock, GetDriveTypeW, GetNumberFormatA, ClearCommError, SetConsoleTextAttribute, VirtualAllocEx, SetupComm, SetComputerNameA, ReadConsoleOutputCharacterA, SetWaitableTimer, VirtualUnlock, DebugActiveProcess, CreateMailslotA, SetEndOfFile, LocalAlloc, EndUpdateResourceW, GetSystemPowerStatus, GlobalHandle, GetNumberOfConsoleInputEvents, GetDiskFreeSpaceA, lstrcpynA, CallNamedPipeA, MoveFileExA, GetStartupInfoA, GetCommProperties, GetModuleHandleA, CreateProcessA, Heap32ListFirst, HeapLock, GetVolumeInformationW, GetUserDefaultLangID, FindAtomW, SetNamedPipeHandleState, WritePrivateProfileStructA, CreateNamedPipeW, BuildCommDCBAndTimeoutsW, MoveFileW, CancelIo, SetLocalTime, RemoveDirectoryW, RequestWakeupLatency, lstrcpynW, GetPrivateProfileStringW, GetPriorityClass, HeapDestroy, SetCommBreak, FreeResource, WaitNamedPipeA, WideCharToMultiByte, OpenWaitableTimerW, GetFileTime, CreateSemaphoreA, ReadConsoleA, SetFileApisToOEM, GetWindowsDirectoryA, EnumDateFormatsExW, IsValidCodePage, SetFileTime, GetTempPathW, ClearCommBreak, SystemTimeToFileTime, CallNamedPipeW, SetFileAttributesA, GetExitCodeThread, WriteProcessMemory, ReadDirectoryChangesW, ReleaseMutex, CreatePipe, GlobalMemoryStatus, SetCalendarInfoW, GetVersionExA, FlushConsoleInputBuffer, CompareFileTime, WaitForSingleObjectEx, GetProcessTimes, 
FindResourceExA, WriteConsoleInputW, PeekConsoleInputW, LocalFree, Toolhelp32ReadProcessMemory, CreateRemoteThread, FindFirstFileW, SetThreadAffinityMask, GetDiskFreeSpaceW, SetVolumeLabelW, SetLocaleInfoA, GetCurrentThread, IsDBCSLeadByteEx, GetProcessHeap, GetCurrentDirectoryA, GetTapeStatus, GetSystemDirectoryA, GetOverlappedResult, HeapCreate, GetLocaleInfoW, CopyFileExW
> ole32.dll: UpdateDCOMSettings, OleTranslateAccelerator, CoInitialize, OleCreateLinkToFileEx, DllDebugObjectRPCHook, StgOpenStorageOnILockBytes, CreateAntiMoniker, CoFreeAllLibraries, CoRegisterChannelHook, OleCreateEx, OleDestroyMenuDescriptor, OleSetMenuDescriptor, OleIsCurrentClipboard, OleRegEnumVerbs, StgCreateDocfileOnILockBytes, CoFileTimeNow, OleRegGetMiscStatus, CoCopyProxy, CreateFileMoniker, EnableHookObject, OleGetAutoConvert, StgCreateDocfile, CoTaskMemRealloc, OleCreateFromData, OleIsRunning, OleLoadFromStream, OleCreateFromDataEx, GetHGlobalFromILockBytes, CoGetInstanceFromFile, OleCreateFromFile, CoTaskMemFree, StringFromGUID2, OleSetAutoConvert, ReadStringStream, OleSetContainedObject, OleCreateLinkFromData, WriteFmtUserTypeStg, CoUnmarshalHresult, CoUninitialize, CoSuspendClassObjects, OleInitialize, CoMarshalHresult, UtConvertDvtd32toDvtd16, UtGetDvtd16Info, OleSaveToStream, OleCreate, OleBuildVersion, StgGetIFillLockBytesOnILockBytes, StgOpenAsyncDocfileOnIFillLockBytes, OleUninitialize, OleCreateFromFileEx, CoReleaseServerProcess, StgGetIFillLockBytesOnFile, CoRegisterSurrogate, MonikerCommonPrefixWith, CoImpersonateClient, CoDisconnectObject, OleLockRunning, GetDocumentBitStg, DoDragDrop, OleConvertOLESTREAMToIStorage, WriteClassStg, OleFlushClipboard, CoTaskMemAlloc, CLSIDFromProgID, ReadOleStg, OleRegGetUserType, CoDosDateTimeToFileTime, CoGetCurrentProcess, ReleaseStgMedium, MkParseDisplayName, OleConvertIStorageToOLESTREAMEx, OleQueryLinkFromData, OleRegEnumFormatEtc, CreateOleAdviseHolder, UtGetDvtd32Info, OleCreateLinkEx, PropVariantClear, GetHGlobalFromStream, OleGetClipboard, CoResumeClassObjects, CoCreateFreeThreadedMarshaler, OleCreateStaticFromData, CoRevokeClassObject, OleNoteObjectVisible, CoGetObject, CoGetCallerTID, CoQueryClientBlanket, CoLockObjectExternal, CreatePointerMoniker, CoGetInstanceFromIStorage, IsAccelerator, OleMetafilePictFromIconAndLabel, UtConvertDvtd16toDvtd32, CoGetInterfaceAndReleaseStream, 
CreateStreamOnHGlobal, CoRegisterMallocSpy, CoFreeUnusedLibraries, OleDraw, OleCreateEmbeddingHelper, CoCreateGuid, OleCreateLink, CoFileTimeToDosDateTime, OleConvertOLESTREAMToIStorageEx, OleLoad, CoQueryProxyBlanket, OleCreateMenuDescriptor, RegisterDragDrop
> shlwapi.dll: SHRegEnumUSValueA, SHOpenRegStream2W, SHDeleteKeyW, UrlGetPartA, StrCatW, SHRegGetUSValueW, PathIsFileSpecW, PathIsSystemFolderA, PathUndecorateA, PathQuoteSpacesA, SHGetValueA, UrlApplySchemeW, SHSetThreadRef, SHRegEnumUSKeyA, PathRemoveBackslashA, SHRegEnumUSValueW, SHRegDeleteUSValueW, StrDupA, PathMakeSystemFolderA, SHDeleteValueA, SHEnumKeyExW, StrCpyW, StrStrIA, PathFindExtensionA, ColorRGBToHLS, PathFindNextComponentW, StrNCatW, PathIsContentTypeW, StrNCatA, UrlCompareW, StrRetToStrA, wnsprintfW, PathCommonPrefixA, PathIsUNCServerA, SHDeleteEmptyKeyA, PathIsLFNFileSpecA, StrIsIntlEqualA, SHCreateStreamOnFileW, SHAutoComplete, SHDeleteValueW, SHRegOpenUSKeyW, UrlCombineA, PathCombineW, SHOpenRegStreamA, SHCreateShellPalette, PathSkipRootW, UrlApplySchemeA, SHRegGetBoolUSValueA, StrCmpNIW, PathIsSystemFolderW, PathSkipRootA, UrlGetLocationW, UrlCreateFromPathA, PathGetDriveNumberA, StrPBrkW, StrCmpNA, SHCopyKeyW, AssocQueryStringByKeyW, SHQueryInfoKeyW, SHCopyKeyA, UrlEscapeA, PathFindExtensionW, PathFindFileNameA, StrCSpnA, PathIsDirectoryEmptyW, PathRemoveExtensionW, StrChrA, GetMenuPosFromID, SHRegDuplicateHKey, PathIsSameRootA, PathIsSameRootW, UrlGetPartW, AssocQueryStringByKeyA, PathUnmakeSystemFolderA, StrCSpnIA, SHRegQueryInfoUSKeyW, AssocQueryStringW, StrCmpIW, UrlUnescapeA, PathIsContentTypeA, PathSetDlgItemPathA, StrCSpnW, wvnsprintfA, PathIsURLA, PathMakeSystemFolderW, PathAddExtensionW, SHStrDupA, StrRChrIW, StrRStrIA, StrCmpNW, StrRetToStrW, PathIsDirectoryA, StrFormatByteSizeW, SHRegDeleteEmptyUSKeyA, SHDeleteEmptyKeyW, StrToIntW, PathCompactPathW, SHOpenRegStream2A, StrFromTimeIntervalA, PathFindSuffixArrayW, PathRemoveArgsW, PathGetArgsA, PathAppendW, StrPBrkA, StrCpyNW, AssocQueryKeyA, PathQuoteSpacesW, SHRegWriteUSValueW, SHRegCloseUSKey, SHQueryValueExW, StrStrA, SHRegCreateUSKeyW, PathParseIconLocationW, HashData, PathIsFileSpecA, SHRegGetBoolUSValueW, SHEnumValueW, PathGetDriveNumberW
> user32.dll: SetTimer, SetSystemCursor, OemToCharW, GetWindowLongW, SetActiveWindow, CallMsgFilterA, GetClientRect, DrawFrameControl, GetPropA, GetDC, ShowOwnedPopups, DlgDirSelectExA, DrawTextA, InSendMessage, EqualRect, SetMenuItemInfoW, GetMenuCheckMarkDimensions, DefWindowProcA, SetDlgItemTextA, GetWindowModuleFileNameA, ChangeClipboardChain, GetUserObjectSecurity, GetMenuItemInfoA, GetMenuDefaultItem, UnregisterDeviceNotification, MapVirtualKeyExW, LoadBitmapA, CharPrevW, SetRectEmpty, GetClassInfoExA, GetMenuContextHelpId, BeginDeferWindowPos, SetWindowsHookA, LoadBitmapW, DrawFrame, LoadMenuA, ClipCursor, LoadMenuIndirectA, LoadKeyboardLayoutA, CheckMenuItem, DlgDirSelectExW, CreateCursor, DrawTextW, SystemParametersInfoA, GetAltTabInfo, InflateRect, WinHelpW, FindWindowA, GetMenuInfo, GetTitleBarInfo, GetKeyNameTextW, DlgDirListComboBoxW, UnhookWindowsHookEx, EnumDisplayDevicesW, GetKeyboardLayoutList, ModifyMenuA, CreatePopupMenu, InsertMenuItemW, GetDlgItemTextA, UnloadKeyboardLayout, GrayStringA, CreateDesktopW, UnregisterClassA, CopyImage, ScrollDC, GetClassInfoA, DdeAddData, SetClipboardData, GetClassInfoExW, MessageBoxIndirectA, DdeDisconnectList, EnumThreadWindows, GetClipboardData, CreateDialogParamW, GetFocus, SetUserObjectInformationW, IsWindowUnicode, BlockInput, LoadCursorFromFileW, GetWindowDC, SetDlgItemInt, RealChildWindowFromPoint, DdeConnect, SetCaretBlinkTime, GetClassNameA, GetDialogBaseUnits, CreateIconFromResourceEx, DialogBoxIndirectParamA, SetClassWord, DdeFreeDataHandle, CallMsgFilter, CreateMDIWindowW, GetWindowRgn, SetFocus, SetWindowTextW, DrawTextExA, GetForegroundWindow, RegisterDeviceNotificationW, RemovePropW, DispatchMessageW, EnumDesktopWindows, GetQueueStatus, RegisterClipboardFormatW, DdeInitializeW, SetWindowsHookExW, GetClipboardFormatNameA, InSendMessageEx, SetCaretPos, CopyAcceleratorTableW, CharToOemA, GetShellWindow, GetWindowModuleFileNameW, TranslateMDISysAccel, DrawIconEx, CheckDlgButton

( 0 exports )
TrID  : File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ThreatExpert: http://www.threatexpert.com/report.aspx?md5=b459f8ca56d3128317941cfb8789b661
ssdeep: 1536:v+Lj+GwRi0TAF22SLPeXvJkTzKeSvZoAigam5/vWq0kwLM5NgWLEv6JZBiYR5MDn:mX7wRi5F22NJkTFSvBlagusZXgWlzBD6
Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=C96C031500FDB31174D0016A92BC92003E3C3A90
PEiD  : -
RDS   : NSRL Reference Data Set
-

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, no solution offers a 100% effectiveness rate for detecting viruses and malware.