Virustotal. MD5: 53d15dc652a2534572981bab1e2eddf3 Gen:Trojan.Heur.3004FB9EBC TrojanDownloader:Win32/Bredolab.G Gen.Trojan!IK

Fil smona124337326143746815311 modtaget den 2009.05.26 21:32:30 (UTC)
Status: Færdig

Resultat: 6/40 (15.00%)

Antivirus	Version	Sidst opdateret	Resultat
a-squared	4.0.0.101	2009.05.26	Gen.Trojan!IK
AhnLab-V3	5.0.0.2	2009.05.26	-
AntiVir	7.9.0.168	2009.05.26	-
Antiy-AVL	2.0.3.1	2009.05.26	-
Authentium	5.1.2.4	2009.05.26	-
Avast	4.8.1335.0	2009.05.26	-
AVG	8.5.0.339	2009.05.26	-
BitDefender	7.2	2009.05.26	Gen:Trojan.Heur.3004FB9EBC
CAT-QuickHeal	10.00	2009.05.26	(Suspicious) - DNAScan
ClamAV	0.94.1	2009.05.26	-
Comodo	1203	2009.05.26	-
DrWeb	5.0.0.12182	2009.05.26	-
eSafe	7.0.17.0	2009.05.26	-
eTrust-Vet	31.6.6522	2009.05.26	-
F-Prot	4.4.4.56	2009.05.26	-
F-Secure	8.0.14470.0	2009.05.26	-
Fortinet	3.117.0.0	2009.05.26	-
GData	19	2009.05.26	Gen:Trojan.Heur.3004FB9EBC
Ikarus	T3.1.1.57.0	2009.05.26	-
K7AntiVirus	7.10.745	2009.05.26	-
Kaspersky	7.0.0.125	2009.05.26	-
McAfee	5627	2009.05.26	-
McAfee+Artemis	5627	2009.05.26	-
McAfee-GW-Edition	6.7.6	2009.05.26	-
Microsoft	1.4701	2009.05.26	TrojanDownloader:Win32/Bredolab.G
NOD32	4106	2009.05.26	-
Norman	6.01.05	2009.05.26	-
nProtect	2009.1.8.0	2009.05.26	-
Panda	10.0.0.14	2009.05.26	Suspicious file
PCTools	4.4.2.0	2009.05.21	-
Prevx	3.0	2009.05.26	-
Rising	21.31.14.00	2009.05.26	-
Sophos	4.42.0	2009.05.26	-
Sunbelt	3.2.1858.2	2009.05.25	-
Symantec	1.4.4.12	2009.05.26	-
TheHacker	6.3.4.3.332	2009.05.26	-
TrendMicro	8.950.0.1092	2009.05.26	-
VBA32	3.12.10.6	2009.05.26	-
ViRobot	2009.5.26.1753	2009.05.26	-
VirusBuster	4.6.5.0	2009.05.26	-

Supplerende information
File size: 52224 bytes
MD5 : 53d15dc652a2534572981bab1e2eddf3
SHA1 : f5c10f86bcb16cdb0a4c51a80b4c992aebc0adb4
SHA256: 8a45f57a2d32ee905c653bcd69aac18441602a82bc1a10690c38c9fa81c9ffde
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x4EDC timedatestamp.....: 0x420F6FD8 (Sun Feb 13 16:18:48 2005) machinetype.......: 0x14C (Intel I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0xD000 0x5600 7.45 99f98c663745d9cb504142486408f5bb .idata 0xE000 0x1000 0x1000 4.74 1772aa01e5de3d536ca380610554fcb1 .rsrc 0xF000 0x7000 0x6200 5.41 73299d316de66af92298e0886486e70c ( 5 imports ) > advapi32.dll: LsaICLookupSids, GetSecurityInfoExA, CryptDecrypt, ElfReportEventA, RegQueryValueExA, RegEnumKeyW, AllocateAndInitializeSid, RegSetValueA, FreeSid, SetServiceObjectSecurity, QueryServiceConfig2A, DuplicateEncryptionInfoFile, AddAuditAccessAce, BuildImpersonateTrusteeA, CryptReleaseContext, RegSetValueA, WmiQuerySingleInstanceW, I_ScIsSecurityProcess, RemoveUsersFromEncryptedFile, DeleteService, BuildExplicitAccessWithNameA, BuildTrusteeWithObjectsAndSidW, ElfNumberOfRecords, ConvertStringSecurityDescriptorToSecurityDescriptorA, GetMultipleTrusteeOperationW, RegEnumKeyExW, ElfDeregisterEventSource, LsaOpenTrustedDomain > gdi32.dll: CreateBitmap, bInitSystemAndFontsDirectoriesW, GdiConvertFont, EngCreatePalette, MaskBlt, EngQueryLocalTime, EnumFontFamiliesExA, CreateEllipticRgn, CloseMetaFile, GetEnhMetaFileBits, SelectPalette, GetTextCharsetInfo, AngleArc, Polygon, EngPaint, SetTextColor, STROBJ_vEnumStart, AngleArc, EngQueryLocalTime, GetEnhMetaFileW, GetCurrentPositionEx, GetObjectW, EngGetDriverName, GdiQueryFonts, GetTextFaceW, Chord, EngDeleteSemaphore, CreateColorSpaceW, SetEnhMetaFileBits > kernel32.dll: SetLocalTime, VirtualProtectEx, GetComputerNameA, CreateDirectoryA, WriteConsoleOutputW, CompareFileTime, SetConsoleNlsMode, WinExec, GetOEMCP, FlushViewOfFile, OpenJobObjectA, CreateEventA, CreateProcessA, EnumResourceNamesA, RtlZeroMemory, IsBadHugeWritePtr, AddAtomW, InterlockedExchange, GetOverlappedResult, EnumCalendarInfoExW, QueryInformationJobObject > shell32.dll: ExtractIconExW, RegenerateUserEnvironment, DllCanUnloadNow, DragQueryFileW, SHAppBarMessage, InternalExtractIconListW, PrintersGetCommand_RunDLLW, SHLoadInProc, FreeIconList, SHHelpShortcuts_RunDLL, SHGetFileInfoA, SHGetPathFromIDListA, ExtractAssociatedIconW, CheckEscapesW, ShellExecuteW, SHCreateDirectoryExA, Control_RunDLLW, SHChangeNotifySuspendResume, SHHelpShortcuts_RunDLL, ExtractAssociatedIconExA, StrRChrIA, DllCanUnloadNow, StrStrA, SHFileOperationW, FindExecutableW, StrRChrA, SHChangeNotifySuspendResume > user32.dll: MapVirtualKeyA, GetNextDlgTabItem, GetMenuState, TileChildWindows, GetDlgItemTextA, IMPQueryIMEW, SendMessageA, LoadKeyboardLayoutW, CreateDialogIndirectParamW, OpenIcon, GetWindowModuleFileNameW, MapVirtualKeyA, GrayStringW, SetClassLongA, CopyRect, GetAltTabInfoW, QuerySendMessage, CloseWindowStation, GetFocus, GetClassLongA, LoadAcceleratorsW, GetWindowRect, IMPSetIMEA ( 0 exports )
TrID : File type identification Win32 Executable Generic (42.3%) Win32 Dynamic Link Library (generic) (37.6%) Generic Win/DOS Executable (9.9%) DOS Executable Generic (9.9%) VXD Driver (0.1%)
ThreatExpert: http://www.threatexpert.com/report.aspx?md5=53d15dc652a2534572981bab1e2eddf3
ssdeep: 1536:E3v+4/0rUQzFUem/XkOelw7WoTzTE31W/x:m3Qz7mt37WoTzTIgJ
PEiD : -
RDS : NSRL Reference Data Set -

Vær opmærksom på: VirusTotal er en gratis service lavet af Hispasec Sistemas. Der er ingen garanti for tilgængelighed og kontinuitet af denne service. Selvom opdagelse chancen der tilbydes af flere antivirus programmer er højre end den der tilbydes af kun et produkt garanteres det IKKE at resultatet af filen er uden for risiko. Lige nu er der ingen løsninger der tilbyder 100% effektivt opdagelse af virusser og malware..


	Virustotal er en service som analyserer mistænksomme filer og muliggør en hurtig opdagelse af vira, orme, trojans, og alle former for malware opdaget af antivirus programmer. Mere information...

Virustotal er en service som analyserer mistænksomme filer og muliggør en hurtig opdagelse af vira, orme, trojans, og alle former for malware opdaget af antivirus programmer. Mere information...