Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español | English
| עברית | | Slovenščina | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English
|
Virustotal er en service som analyserer mistænksomme filer og muliggør en hurtig opdagelse af vira, orme, trojans, og alle former for malware opdaget af antivirus programmer. Mere information... |
Fil change_cnc3-key.exe modtaget den 2008.12.03 03:54:58 (UTC)
Status: Færdig
Status: Færdig
Resultat: 26/37 (70.27%)
| Antivirus | Version | Sidst opdateret | Resultat |
|---|---|---|---|
| AhnLab-V3 | 2008.12.2.2 | 2008.12.02 | - |
| AntiVir | 7.9.0.36 | 2008.12.02 | DR/Dldr.Small.agns |
| Authentium | 5.1.0.4 | 2008.12.02 | - |
| Avast | 4.8.1281.0 | 2008.12.02 | Win32:Trojan-gen {Other} |
| AVG | 8.0.0.199 | 2008.12.03 | Downloader.Generic_r.BT |
| BitDefender | 7.2 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| CAT-QuickHeal | 10.00 | 2008.12.03 | - |
| ClamAV | 0.94.1 | 2008.12.02 | - |
| DrWeb | 4.44.0.09170 | 2008.12.03 | Trojan.Siggen.1115 |
| eSafe | 7.0.17.0 | 2008.12.02 | Win32.Small.agns |
| eTrust-Vet | 31.6.6240 | 2008.12.03 | - |
| Ewido | 4.0 | 2008.12.02 | - |
| F-Prot | 4.4.4.56 | 2008.12.02 | - |
| F-Secure | 8.0.14332.0 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| Fortinet | 3.117.0.0 | 2008.12.03 | PossibleThreat |
| GData | 19 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| Ikarus | T3.1.1.45.0 | 2008.12.03 | Trojan-Downloader.Win32.Small |
| K7AntiVirus | 7.10.540 | 2008.12.02 | Packed.Win32.Monder.gen |
| Kaspersky | 7.0.0.125 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| McAfee | 5452 | 2008.12.02 | Generic Downloader.x |
| McAfee+Artemis | 5452 | 2008.12.02 | Generic Downloader.x |
| Microsoft | 1.4205 | 2008.12.03 | Trojan:Win32/Vundo.gen!AG |
| NOD32 | 3659 | 2008.12.02 | probably a variant of Win32/Kryptik.BJ |
| Norman | 5.80.02 | 2008.12.02 | W32/Smalltroj.IWCP.dropper |
| Panda | 9.0.0.4 | 2008.12.02 | Generic Trojan |
| PCTools | 4.4.2.0 | 2008.12.02 | Trojan-Downloader.Agent!sd6 |
| Prevx1 | V2 | 2008.12.03 | Malicious Software |
| Rising | 21.06.12.00 | 2008.12.02 | - |
| SecureWeb-Gateway | 6.7.6 | 2008.12.03 | Trojan.Dropper.Dldr.Small.agns |
| Sophos | 4.36.0 | 2008.12.03 | Sus/Behav-273 |
| Sunbelt | 3.1.1832.2 | 2008.12.01 | - |
| Symantec | 10 | 2008.12.03 | Downloader |
| TheHacker | 6.3.1.2.172 | 2008.12.02 | - |
| TrendMicro | 8.700.0.1004 | 2008.12.02 | PAK_Generic.001 |
| VBA32 | 3.12.8.10 | 2008.12.02 | Trojan-Downloader.Win32.Small.agns |
| ViRobot | 2008.12.2.1496 | 2008.12.02 | Spyware.Small.Do.249207 |
| VirusBuster | 4.5.11.0 | 2008.12.02 | - |
| Supplerende information |
|---|
| File size: 249207 bytes |
| MD5...: 7225361c6bac963c971f1e8ba6441732 |
| SHA1..: 4ff267037e71c6bdc873415ad5e957cdda5d8803 |
| SHA256: d75b24e1565e5e2e067d60f8a42f146c1b00da906c0e8733ddebb25fde27a8d1 |
| SHA512: aa8f6005d7293d61addfa8a5c7bdf7f3c95a6a02f0ecbca89753ec50645ca5dd 9d73d34fa2a5bf8c0e23f898415763e6b44588c6b6e1189f8b6f51ccb42446b4 |
| ssdeep: 3072:Z8U2yJN5f661xRZbALxB1Ojdgx8GYWHcNk0eMD4Ix01WRvXwpAJT3oP1Elb qP2m6:Z8U2qy6rRZb7jxGYW8Nk0u16/Y6wPVW |
| PEiD..: - |
| TrID..: File type identification WinRAR Self Extracting archive (95.7%) Win32 Executable Generic (1.5%) Win32 Dynamic Link Library (generic) (1.4%) Win32 Executable Watcom C++ (generic) (0.4%) Generic Win/DOS Executable (0.3%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x401000 timedatestamp.....: 0x4623462a (Mon Apr 16 09:47:22 2007) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x14000 0x13600 6.44 c5df2bcf4cb444a9ce3abf40dc2ae79f .data 0x15000 0x7000 0xa00 4.92 fe3e541d125dbe299f892385c2f9e9c8 .idata 0x1c000 0x1000 0x1000 5.12 37eade5359d82bcd800d9cf089c501ff .rsrc 0x1d000 0x4000 0x3c00 4.71 87390a753fe986dd8d412862ac8693b6 ( 8 imports ) > ADVAPI32.DLL: AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA, SetFileSecurityA, SetFileSecurityW > KERNEL32.DLL: CloseHandle, CompareStringA, CreateDirectoryA, CreateDirectoryW, CreateFileA, CreateFileW, DeleteFileA, DeleteFileW, DosDateTimeToFileTime, ExitProcess, ExpandEnvironmentStringsA, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, FindFirstFileA, FindFirstFileW, FindNextFileA, FindNextFileW, FindResourceA, FreeLibrary, GetCPInfo, GetCommandLineA, GetCurrentDirectoryA, GetCurrentProcess, GetDateFormatA, GetFileAttributesA, GetFileAttributesW, GetFileType, GetFullPathNameA, GetLastError, GetLocaleInfoA, GetModuleFileNameA, GetModuleHandleA, GetNumberFormatA, GetProcAddress, GetProcessHeap, GetStdHandle, GetTempPathA, GetTickCount, GetTimeFormatA, GetVersionExA, GlobalAlloc, HeapAlloc, HeapFree, HeapReAlloc, IsDBCSLeadByte, LoadLibraryA, LocalFileTimeToFileTime, MoveFileA, MoveFileExA, MultiByteToWideChar, ReadFile, SetCurrentDirectoryA, SetEndOfFile, SetEnvironmentVariableA, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFileTime, SetLastError, Sleep, SystemTimeToFileTime, WaitForSingleObject, WideCharToMultiByte, WriteFile, lstrcmpiA, lstrlenA > COMCTL32.DLL: - > COMDLG32.DLL: CommDlgExtendedError, GetOpenFileNameA, GetSaveFileNameA > GDI32.DLL: DeleteObject > SHELL32.DLL: SHBrowseForFolderA, SHChangeNotify, SHFileOperationA, SHGetFileInfoA, SHGetMalloc, SHGetSpecialFolderLocation, ShellExecuteExA, SHGetPathFromIDListA > USER32.DLL: CharToOemA, CharToOemBuffA, CharUpperA, CopyRect, CreateWindowExA, DefWindowProcA, DestroyIcon, DestroyWindow, DialogBoxParamA, DispatchMessageA, EnableWindow, EndDialog, FindWindowExA, GetClassNameA, GetClientRect, GetDlgItem, GetDlgItemTextA, GetMessageA, GetParent, GetSysColor, GetSystemMetrics, GetWindow, GetWindowLongA, GetWindowRect, GetWindowTextA, IsWindow, IsWindowVisible, LoadBitmapA, LoadCursorA, LoadIconA, LoadStringA, MapWindowPoints, MessageBoxA, OemToCharA, OemToCharBuffA, PeekMessageA, PostMessageA, RegisterClassExA, SendDlgItemMessageA, SendMessageA, SetDlgItemTextA, SetFocus, SetMenu, SetWindowLongA, SetWindowPos, SetWindowTextA, ShowWindow, TranslateMessage, UpdateWindow, WaitForInputIdle, wsprintfA, wvsprintfA > OLE32.DLL: CLSIDFromString, CoCreateInstance, CreateStreamOnHGlobal, OleInitialize, OleUninitialize ( 0 exports ) |
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=E38A2E3D77BDA8FFCD84033B74741300FB28EA32 |
| Norman Sandbox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * Creating several executable files on hard-drive. * File length: 249207 bytes. [ Changes to filesystem ] * Creates directory C:. * Creates directory C:\WINDOWS. * Creates file C:\WINDOWS\__tmp_rar_sfx_access_check_511. * Deletes file __tmp_rar_sfx_access_check_511. * Creates file C:\WINDOWS\readme.bat. * Creates file C:\WINDOWS\serial.exe. * Creates file C:\WINDOWS\crack.exe. * Creates file C:\WINDOWS\number.exe. * Creates file C:\WINDOWS\keygen.exe. [ Process/window information ] * Creates a dialogbox with caption \"WinRAR self-extracting archive\". * Buttons found in dialogbox: id102[278,156]\"Bro&wse...\" id1[211,207]\"Install\" id2[278,207]\"Cancel\" . * Creates a dialogbox with caption \"License\". * Buttons found in dialogbox: id1[211,207]\"Accept\" id2[278,207]\"Decline\" . * Pressing button with id 1 \"Accept\". * Pressing button with id 1 \"Install\". * Attempts to open CLSID {0000002C-5994-0005-320F-4243693F4000}. * Attemps to NULL C:\WINDOWS\readme.bat NULL. * Creates process \"CMD.EXE\". * Creates process \"serial.exe\". [ Signature Scanning ] * C:\WINDOWS\readme.bat (46 bytes) : no signature detection. * C:\WINDOWS\serial.exe (9728 bytes) : no signature detection. * C:\WINDOWS\crack.exe (59392 bytes) : W32/Smalltroj.IWCP. |
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (Kaspersky): PE_Patch.UPX, UPX |
| CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (F-Prot): RAR, UPX |
Vær opmærksom på:
VirusTotal er en gratis service lavet af Hispasec Sistemas. Der er ingen garanti for tilgængelighed og kontinuitet af denne service. Selvom opdagelse chancen der tilbydes af flere antivirus programmer er højre end den der tilbydes af kun et produkt garanteres det IKKE at resultatet af filen er uden for risiko. Lige nu er der ingen løsninger der tilbyder 100% effektivt opdagelse af virusser og malware..
