Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File 1256760719.exe received on 2009.11.02 23:02:35 (UTC)
Current status: finished
Current status: finished
Result: 21/41 (51.22%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| a-squared | 4.5.0.41 | 2009.11.02 | Trojan.Win32.Cosmu!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.11.02 | - |
| AntiVir | 7.9.1.53 | 2009.11.02 | TR/Spy.89600.47 |
| Antiy-AVL | 2.0.3.7 | 2009.11.02 | - |
| Authentium | 5.1.2.4 | 2009.11.02 | - |
| Avast | 4.8.1351.0 | 2009.11.02 | Win32:Alureon-DR |
| AVG | 8.5.0.423 | 2009.11.02 | Win32/Cryptor |
| BitDefender | 7.2 | 2009.11.02 | Gen:Trojan.Heur.TDSS.fuW@kmu8piki |
| CAT-QuickHeal | 10.00 | 2009.11.02 | - |
| ClamAV | 0.94.1 | 2009.11.02 | - |
| Comodo | 2819 | 2009.11.02 | TrojWare.Win32.Trojan.Agent.Gen |
| DrWeb | 5.0.0.12182 | 2009.11.02 | BackDoor.Tdss.based.1 |
| eSafe | 7.0.17.0 | 2009.11.02 | Suspicious File |
| eTrust-Vet | 35.1.7098 | 2009.11.02 | Win32/Alureon.AMU |
| F-Prot | 4.5.1.85 | 2009.11.02 | - |
| F-Secure | 9.0.15370.0 | 2009.10.30 | - |
| Fortinet | 3.120.0.0 | 2009.11.02 | W32/Cosmu.COH!tr |
| GData | 19 | 2009.11.02 | Gen:Trojan.Heur.TDSS.fuW@kmu8piki |
| Ikarus | T3.1.1.72.0 | 2009.11.02 | Trojan.Win32.Cosmu |
| Jiangmin | 11.0.800 | 2009.11.02 | - |
| K7AntiVirus | 7.10.886 | 2009.11.02 | - |
| Kaspersky | 7.0.0.125 | 2009.11.02 | Trojan.Win32.Cosmu.coh |
| McAfee | 5790 | 2009.11.02 | - |
| McAfee+Artemis | 5790 | 2009.11.02 | Artemis!A5FAA6F202D9 |
| McAfee-GW-Edition | 6.8.5 | 2009.11.02 | Trojan.Spy.89600.47 |
| Microsoft | 1.5202 | 2009.11.02 | Trojan:Win32/Meredrop |
| NOD32 | 4566 | 2009.11.02 | a variant of Win32/Olmarik.PJ |
| Norman | 6.03.02 | 2009.11.02 | - |
| nProtect | 2009.1.8.0 | 2009.11.02 | - |
| Panda | 10.0.2.2 | 2009.11.02 | Trj/CI.A |
| PCTools | 7.0.3.5 | 2009.11.02 | - |
| Prevx | 3.0 | 2009.11.03 | - |
| Rising | 21.54.04.00 | 2009.11.02 | - |
| Sophos | 4.47.0 | 2009.11.02 | Mal/TDSSPack-U |
| Sunbelt | 3.2.1858.2 | 2009.11.02 | Packed.Win32.Tdss.Gen (v) |
| Symantec | 1.4.4.12 | 2009.11.02 | - |
| TheHacker | 6.5.0.2.058 | 2009.10.31 | - |
| TrendMicro | 8.950.0.1094 | 2009.11.02 | - |
| VBA32 | 3.12.10.11 | 2009.11.02 | - |
| ViRobot | 2009.11.2.2017 | 2009.11.02 | Trojan.Win32.Cosmu.89600 |
| VirusBuster | 4.6.5.0 | 2009.11.02 | - |
| Additional information |
|---|
| File size: 89600 bytes |
| MD5 : a5faa6f202d97dbba08436c74062887c |
| SHA1 : a7a3bdc8a01a0ed9c5674cfb712dd142ec78bd49 |
| SHA256: b255af06d7c23264290e0d2dd1547d5a0b95b5362e0cd0788cd12867d434533a |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x14FA timedatestamp.....: 0x4AE91125 (Thu Oct 29 04:51:01 2009) machinetype.......: 0x14C (Intel I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x35B8 0x3600 7.59 dbf851e949a1a1f3305ae07a64b3c94e .rdata 0x5000 0x303D 0x3200 7.45 e40daf8109c7afca22329f242d733ba4 .data 0x9000 0x4E3B 0x5000 7.83 3f128b2d16e1b35022de1b0384e27e23 .rsrc 0xE000 0x9E64 0xA000 7.89 8faffac784945a84b33d510cdd646f82 .reloc 0x18000 0x3E 0x200 1.00 5641ccfd36c2f7831b51f58b2912a56e ( 4 imports ) > kernel32.dll: VirtualAlloc, WriteProcessMemory, CreateFiber, ExitProcess, MoveFileWithProgressA, GetWindowsDirectoryW, GetFileAttributesW, LockResource, RaiseException, GetAtomNameW, CreateFileA, VirtualFree, VirtualProtect, InterlockedExchangeAdd, UnregisterWait, GetModuleHandleW, GetTimeZoneInformation, PulseEvent, LoadLibraryA, GetLastError, GetMailslotInfo, FileTimeToLocalFileTime, DeleteFiber, GetFileAttributesA, CompareStringW, GetEnvironmentVariableW, GetModuleHandleA > msvcrt.dll: memcpy, _wtempnam, _ismbclower, ___7__non_rtti_object@@6B@, strcat, rand, is_wctype, _ismbcl0, __argv, getenv, _getche, _i64tow, srand, atol, putwc > user32.dll: GetWindowLongW, PostQuitMessage, GetNextDlgTabItem, GetWindowRect, SendMessageW, RemoveMenu, LoadIconW, GetSystemMetrics, GetMessageW, UpdateWindow, CreateDialogParamW, CreateWindowExW, SetWindowPlacement, GetDC, DrawTextW, MonitorFromWindow, MessageBoxW, ReleaseDC > winmm.dll: waveInStop, mmioCreateChunk, midiInClose, auxSetVolume, waveOutGetID, midiOutGetDevCapsA, mmioStringToFOURCCW, midiStreamOut, NotifyCallbackData, auxGetVolume, waveInStart, mmioDescend, waveInGetErrorTextA, mciLoadCommandResource, midiOutCacheDrumPatches, midiStreamOpen, sndPlaySoundA ( 1 exports ) > KshVjrrdfdKgrdlGskvv, FcSqewSsrsrojUjc, FpizVrbettnLpwf, ZftvwIzayvbzSilevBu, JghxavFrzdpaEjmwOau |
| TrID : File type identification Win32 Executable MS Visual C++ (generic) (75.0%) Win32 Executable Generic (16.9%) Generic Win/DOS Executable (3.9%) DOS Executable Generic (3.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| ThreatExpert: http://www.threatexpert.com/report.aspx?md5=a5faa6f202d97dbba08436c74062887c |
| ssdeep: 1536:jKlOA4/ll/59fMC/rGMcdHbwpS1suturcQMUoaA+LTXKGlx:jKlO3/bEcCN7wuqrcQoaAylx |
| Prevx Info: http://info.prevx.com/aboutprogramtext.asp?PX5=2E840FB4003167C25E7F0166E932FE00A14E6371 |
| PEiD : - |
| RDS : NSRL Reference Data Set - |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
