Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File ya.exe received on 2009.04.18 13:28:44 (UTC)
Current status: finished
Current status: finished
Result: 15/40 (37.50%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.0.0.101 | 2009.04.18 | Trojan.Waledac!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.04.17 | - |
| AntiVir | 7.9.0.143 | 2009.04.17 | TR/Waledac.77824.1 |
| Antiy-AVL | 2.0.3.1 | 2009.04.17 | - |
| Authentium | 5.1.2.4 | 2009.04.18 | - |
| Avast | 4.8.1335.0 | 2009.04.17 | - |
| AVG | 8.5.0.287 | 2009.04.18 | - |
| BitDefender | 7.2 | 2009.04.18 | Trojan.Waledac.Gen.1 |
| CAT-QuickHeal | 10.00 | 2009.04.18 | (Suspicious) - DNAScan |
| ClamAV | 0.94.1 | 2009.04.18 | - |
| Comodo | 1120 | 2009.04.18 | - |
| DrWeb | 4.44.0.09170 | 2009.04.18 | Trojan.PWS.Panda.110 |
| eSafe | 7.0.17.0 | 2009.04.13 | Suspicious File |
| eTrust-Vet | 31.6.6455 | 2009.04.14 | - |
| F-Prot | 4.4.4.56 | 2009.04.17 | - |
| F-Secure | 8.0.14470.0 | 2009.04.18 | Trojan-Spy.Win32.Zbot.set |
| Fortinet | 3.117.0.0 | 2009.04.18 | PossibleThreat |
| GData | 19 | 2009.04.18 | Trojan.Waledac.Gen.1 |
| Ikarus | T3.1.1.49.0 | 2009.04.18 | Trojan.Waledac |
| K7AntiVirus | 7.10.707 | 2009.04.17 | - |
| Kaspersky | 7.0.0.125 | 2009.04.18 | Trojan-Spy.Win32.Zbot.set |
| McAfee | 5587 | 2009.04.17 | - |
| McAfee+Artemis | 5587 | 2009.04.17 | - |
| McAfee-GW-Edition | 6.7.6 | 2009.04.18 | Trojan.Waledac.77824.1 |
| Microsoft | 1.4502 | 2009.04.18 | - |
| NOD32 | 4018 | 2009.04.18 | Win32/Spy.Zbot.JF |
| Norman | 6.00.06 | 2009.04.17 | - |
| nProtect | 2009.1.8.0 | 2009.04.18 | - |
| Panda | 10.0.0.14 | 2009.04.18 | - |
| PCTools | 4.4.2.0 | 2009.04.17 | - |
| Prevx1 | V2 | 2009.04.18 | - |
| Rising | 21.25.52.00 | 2009.04.18 | - |
| Sophos | 4.40.0 | 2009.04.18 | Mal/EncPk-HJ |
| Sunbelt | 3.2.1858.2 | 2009.04.18 | InfoStealer.Snifula.a (v) |
| Symantec | 1.4.4.12 | 2009.04.18 | - |
| TheHacker | 6.3.4.0.309 | 2009.04.16 | - |
| TrendMicro | 8.700.0.1004 | 2009.04.17 | - |
| VBA32 | 3.12.10.2 | 2009.04.12 | - |
| ViRobot | 2009.4.18.1685 | 2009.04.18 | - |
| VirusBuster | 4.6.5.0 | 2009.04.17 | - |
| Additional information |
|---|
| File size: 77824 bytes |
| MD5...: 4e3365c496a7ce190c166499eae028fe |
| SHA1..: b0b22d960369c11a5fc96b2e9897b1fe2922a598 |
| SHA256: ae39ba4f7eb2ff5f6667c1ff83fc272d297718c3e838ac991872cc586c4c2b03 |
| SHA512: 0f9be14a4f106f63951a509767153ca840e7b02bb12e87b67a5653a1ca761c99 faf43ce1771dd77b5b120d023741c74c63b78a6d7a031746cc07711a15900e4b |
| ssdeep: 1536:239AAO2Qkjmktptu3xDWr/X+517MG02wySxtErXsw+4an35JnVmOsEDp8:2 33QkjjGiabA4wySxtEknnJlEObDp8 |
| PEiD..: - |
| TrID..: File type identification Win32 Executable Generic (38.4%) Win32 Dynamic Link Library (generic) (34.1%) Win16/32 Executable Delphi generic (9.3%) Generic Win/DOS Executable (9.0%) DOS Executable Generic (9.0%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x115c timedatestamp.....: 0x47d51183 (Mon Mar 10 10:46:27 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x11fc4 0x12000 7.91 2f530720b2750edfa12d2c6648778ad3 .data 0x13000 0x379d 0x800 4.67 ec9006ef75700506b207ce518590b879 .rsrc 0x17000 0x3e8 0x400 3.38 b7bb27e95781dc96d2e1e99ec36f1a4b ( 3 imports ) > MSVCRT.dll: _stat, wcsncmp, memmove, fprintf, _snprintf, strcmp, atoi, _fullpath, _initterm, abs, _strcmpi, _wcsnicmp, _except_handler3, wcsncat, _adjust_fdiv, _wcslwr, strrchr, _chdir, _pctype, _waccess, realloc > KERNEL32.dll: GetModuleHandleW, GetCurrentThreadId, GetCurrentProcessId, GetTickCount, GetSystemTimeAsFileTime, HeapLock, SetConsoleMenuClose, GetFullPathNameW, GetConsoleAliasA, GetConsoleFontSize, CompareFileTime, FindAtomA, EnumCalendarInfoA, WriteConsoleOutputCharacterW, GetFileTime, GetStringTypeW, EnumResourceTypesW, GetConsoleCommandHistoryLengthA, EndUpdateResourceW, FreeConsole, GetPrivateProfileSectionNamesA > ntdll.dll: ZwCreateMailslotFile, RtlMultiByteToUnicodeN, NtCancelTimer, NtAssignProcessToJobObject, RtlDeleteSecurityObject, NlsAnsiCodePage, NtLockVirtualMemory, RtlDestroyProcessParameters, NtSetValueKey, RtlSetOwnerSecurityDescriptor, ZwSetHighEventPair, wcsstr, NtFlushWriteBuffer, ZwGetWriteWatch, CsrCaptureMessageString, RtlImageDirectoryEntryToData, RtlAcquireResourceExclusive, RtlQueryProcessLockInformation ( 0 exports ) |
| RDS...: NSRL Reference Data Set - |
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=4e3365c496a7ce190c166499eae028fe |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
