Srpski | Македонски | العربية | Suomi | ihMdI | | עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
Virus Total

Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
File install1.exe received on 2009.04.17 12:48:51 (UTC)
Current status: finished
Result: 33/40 (82.50%)
Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.04.17 Trojan-Downloader.Win32.Renos!IK
AhnLab-V3 5.0.0.2 2009.04.17 Win-Trojan/Fraudload.73222
AntiVir 7.9.0.143 2009.04.17 TR/Dldr.FraudLoad.vjva
Antiy-AVL 2.0.3.1 2009.04.17 -
Authentium 5.1.2.4 2009.04.17 W32/Trojan-Obfuscated.2!Generic
Avast 4.8.1335.0 2009.04.16 Win32:Falder
AVG 8.5.0.287 2009.04.17 FakeAlert.HR
BitDefender 7.2 2009.04.17 Trojan.Generic.1436460
CAT-QuickHeal 10.00 2009.04.17 TrojanDownloader.FraudLoad.vj
ClamAV 0.94.1 2009.04.17 Trojan.Downloader-68829
Comodo 1117 2009.04.17 -
DrWeb 4.44.0.09170 2009.04.17 -
eSafe 7.0.17.0 2009.04.13 Win32.Banker
eTrust-Vet 31.6.6455 2009.04.14 -
F-Prot 4.4.4.56 2009.04.16 W32/Trojan-Obfuscated.2!Generic
F-Secure 8.0.14470.0 2009.04.17 Trojan-Downloader:W32/FraudLoad.DN
Fortinet 3.117.0.0 2009.04.17 W32/FraudLoad.VKBK!tr.dldr
GData 19 2009.04.17 Trojan.Generic.1436460
Ikarus T3.1.1.49.0 2009.04.17 Trojan-Downloader.Win32.Renos
K7AntiVirus 7.10.704 2009.04.15 Trojan-Downloader.Win32.FraudLoad
Kaspersky 7.0.0.125 2009.04.17 Trojan-Downloader.Win32.FraudLoad.vkbk
McAfee 5586 2009.04.16 Generic Downloader.x
McAfee+Artemis 5586 2009.04.16 Generic Downloader.x
McAfee-GW-Edition 6.7.6 2009.04.17 Trojan.Dldr.FraudLoad.vjva
Microsoft 1.4502 2009.04.17 Trojan:Win32/FakeRean
NOD32 4016 2009.04.17 Win32/Adware.XPPoliceAntivirus
Norman 6.00.06 2009.04.17 W32/DLoader.NHMI
nProtect 2009.1.8.0 2009.04.17 Trojan-Downloader/W32.FraudLoad.73222
Panda 10.0.0.14 2009.04.17 Generic Trojan
PCTools 4.4.2.0 2009.04.17 Trojan-Downloader.FraudLoad!sd6
Prevx1 V2 2009.04.17 High Risk Cloaked Malware
Rising 21.25.42.00 2009.04.17 -
Sophos 4.40.0 2009.04.17 Mal/FakeVirPk-A
Sunbelt 3.2.1858.2 2009.04.17 Trojan-Downloader.Win32.FraudLoad.vkbk
Symantec 1.4.4.12 2009.04.17 -
TheHacker 6.3.4.0.309 2009.04.16 Trojan/Downloader.FraudLoad.vjsq
TrendMicro 8.700.0.1004 2009.04.17 TROJ_DLOADR.ZO
VBA32 3.12.10.2 2009.04.12 Malware-Cryptor.Win32.Xla.a
ViRobot 2009.4.17.1698 2009.04.17 -
VirusBuster 4.6.5.0 2009.04.16 Trojan.DL.FraudLoad.CLO
Additional information
File size: 73222 bytes
MD5...: 890bf32b34b7abab7aa7ea049215c429
SHA1..: 8c311a8b6096914f758bcaf82aca465bcc885110
SHA256: 10c67a1f05372c01451aa28d60ff08cd9ad62d77f680ad8bfb95c729608726bb
SHA512: 7fd141f04b5c61f5b371c257f79795ba300c065532ea81b6d3e605dd752d8317
1565a9d5cfd444fa621fd602b49717dac714a33de00a6a2019ef7f0f02fa3204
ssdeep: 1536:hfR4z4Rm4FigxzGIiAjbY+JDsmykILdKZN3ySinmrmuF540sKpr:t5igVSA
ntu9DKTiSmuFKLKpr
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.2%)
Clipper DOS Executable (9.1%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1701
timedatestamp.....: 0x49932a94 (Wed Feb 11 19:44:20 2009)
machinetype.......: 0x14c (I386)

( 2 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x12000 0x11200 7.99 1e11a43f38f5da60aada3eaafb4d8be1
.data 0x13000 0x14000 0x800 4.66 cd712318f6b45118ad83890b44f94b81

( 4 imports )
> KERNEL32.DLL: LocalHandle, Heap32ListFirst, GetModuleHandleA, GetLastError, UpdateResourceW, GetCommConfig, GetProfileStringW, OpenMutexW, ResumeThread, lstrcmpi, GetAtomNameW, GetProcessHeap, GetProcAddress, EndUpdateResourceW, ExpandEnvironmentStringsW, VirtualFreeEx, EraseTape, BackupWrite, LocalFree, ReadConsoleInputW, OpenWaitableTimerW, SetCalendarInfoW, LockFile, ExitProcess, DeleteFileA, VerLanguageNameW, SetDefaultCommConfigW, EnumCalendarInfoExW, GetCommandLineA
> USER32.DLL: LoadBitmapW, CharNextW, GetProcessWindowStation, RealChildWindowFromPoint, SetMenuInfo, CharLowerA, CreateDialogParamA, IsRectEmpty, MapVirtualKeyW, WINNLSGetEnableStatus, PostThreadMessageW, CreateMDIWindowW
> GDI32.DLL: GetClipRgn, RemoveFontResourceA, SetBkColor, ResetDCA, RectVisible, ExcludeClipRect, MaskBlt, GetMetaRgn, GetMiterLimit, BeginPath, PatBlt, LPtoDP
> ADVAPI32.DLL: GetCurrentHwProfileA, CryptDeriveKey, GetNamedSecurityInfoA, RegSetValueExA, CryptEnumProviderTypesA, GetPrivateObjectSecurity, CreateProcessAsUserW, RegEnumKeyA, RegSaveKeyA, AddAccessAllowedAce, CryptExportKey, CryptAcquireContextA, CryptCreateHash, CryptDecrypt, LookupPrivilegeDisplayNameA, ChangeServiceConfigW, ObjectOpenAuditAlarmA, CryptSetProviderExW, RegQueryValueExA, BuildTrusteeWithSidA, CryptHashData, CryptGetHashParam

( 0 exports )
RDS...: NSRL Reference Data Set
-
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=0D45271306FFFE9B1E3201DB6EDDDB002F858353
ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=890bf32b34b7abab7aa7ea049215c429
CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=890bf32b34b7abab7aa7ea049215c429

ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

Scan another file