Virustotal. MD5: 7f936275e56fcf1459582037e2c63346 Backdoor.Trojan potentially unwanted program HideWindow RiskTool.Win32.HideWindows

Fil wejhjkkkl.exe modtaget den 2009.02.27 18:20:07 (UTC)
Status: Færdig

Resultat: 26/39 (66.67%)

Antivirus	Version	Sidst opdateret	Resultat
a-squared	4.0.0.101	2009.02.27	Backdoor.IRC.Cloner!IK
AhnLab-V3	5.0.0.2	2009.02.27	-
AntiVir	7.9.0.98	2009.02.27	-
Authentium	5.1.0.4	2009.02.27	W32/RiskTool.B
Avast	4.8.1335.0	2009.02.26	Win32:Hidewnd
AVG	8.0.0.237	2009.02.27	BackDoor.Generic_c.CKD
BitDefender	7.2	2009.02.27	Generic.IRC.Autorun.B8FA0FB8
CAT-QuickHeal	10.00	2009.02.27	-
ClamAV	0.94.1	2009.02.27	Trojan.IRC.Flood.AQ
Comodo	986	2009.02.20	-
DrWeb	4.44.0.09170	2009.02.27	Trojan.Flood.22016
eSafe	7.0.17.0	2009.02.26	-
eTrust-Vet	31.6.6376	2009.02.27	-
F-Prot	4.4.4.56	2009.02.26	W32/RiskTool.B
F-Secure	8.0.14470.0	2009.02.27	RiskTool.Win32.HideWindows
Fortinet	3.117.0.0	2009.02.27	HackerTool/HideWindow
GData	19	2009.02.27	Generic.IRC.Autorun.B8FA0FB8
Ikarus	T3.1.1.45.0	2009.02.27	Backdoor.IRC.Cloner
K7AntiVirus	7.10.649	2009.02.27	-
Kaspersky	7.0.0.125	2009.02.27	not-a-virus:RiskTool.Win32.HideWindows
McAfee	5537	2009.02.26	-
McAfee+Artemis	5537	2009.02.26	potentially unwanted program HideWindow
Microsoft	1.4306	2009.02.27	Backdoor:IRC/Cloner.gen
NOD32	3894	2009.02.27	Win32/HideWindow
Norman	6.00.06	2009.02.27	-
nProtect	2009.1.8.0	2009.02.27	Trojan/W32.MultiDrop.28672
Panda	10.0.0.10	2009.02.26	Application/HideWindow.A
PCTools	4.4.2.0	2009.02.27	Trojan.DR.Duckirc.Gen
Prevx1	V2	2009.02.27	Medium Risk Malware
Rising	21.18.42.00	2009.02.27	Trojan.Zapchast.fx
SecureWeb-Gateway	6.7.6	2009.02.27	Riskware.HideWindows.C
Sophos	4.39.0	2009.02.27	HideWindow
Sunbelt	3.2.1858.2	2009.02.26	-
Symantec	10	2009.02.27	Backdoor.Trojan
TheHacker	6.3.2.5.267	2009.02.27	-
TrendMicro	8.700.0.1004	2009.02.27	-
VBA32	3.12.10.1	2009.02.26	BackDoor.IRC.based
ViRobot	2009.2.27.1627	2009.02.27	-
VirusBuster	4.5.11.0	2009.02.27	Trojan.DR.Duckirc.Gen

Supplerende information
File size: 687526 bytes
MD5...: 7f936275e56fcf1459582037e2c63346
SHA1..: d54d230ed0794de3b823b455cdcf80d9658a07c4
SHA256: 8d3a43aa145be7a786111efb4304f701caeb33722c545c6ab13c85ca6cc1752b
SHA512: 1cd42718ff0f891616e41c313c0359e0fd8ac2b0f8b40fd2f114d2073e7cea6c 43714a61bd2536cd6c53e680ec955076a21d6be343046dfe2dde090e981aa306
ssdeep: 12288:otiHpX2T2fjwLYjFEsLcr+mQmZ4Jrswbzluk4xZINP8tImGKLe1:otiH7r wLYREsrgwbzluk4HMP8tLW
PEiD..: -
TrID..: File type identification Win32 Executable Generic (38.4%) Win32 Dynamic Link Library (generic) (34.1%) Win16/32 Executable Delphi generic (9.3%) Generic Win/DOS Executable (9.0%) DOS Executable Generic (9.0%)
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x3738 timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992) machinetype.......: 0x14c (I386) ( 8 sections ) name viradd virsiz rawdsiz ntrpy md5 CODE 0x1000 0x2758 0x2800 6.39 906cdb6c0f818236f086256d17fdd4f0 DATA 0x4000 0x7c 0x200 1.38 57924606c597d3d52efc1cd38ea49a5c BSS 0x5000 0x490 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .idata 0x6000 0x4b4 0x600 3.68 c09b47b532fa32ab5049c9abd2722fd5 .tls 0x7000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rdata 0x8000 0x18 0x200 0.20 6502060af55c4ac4fd43b718ee5a9fa7 .reloc 0x9000 0x2c4 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .rsrc 0xa000 0xbb18 0xbc00 7.51 b7d22d1a1b5b1acfbdf0f66ca528b36d ( 4 imports ) > kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, TlsSetValue, TlsGetValue, GetModuleHandleA, GetModuleFileNameA, GetLastError, GetCommandLineA, WriteFile, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, ExitProcess, CreateFileA, CloseHandle > user32.dll: MessageBoxA > kernel32.dll: WriteFile, SizeofResource, LockResource, LoadResource, LoadLibraryA, GetTempPathA, GetTempFileNameA, GetProcAddress, FreeResource, FreeLibrary, FindResourceA, FindFirstFileA, FindClose, FileTimeToLocalFileTime, FileTimeToDosDateTime, DeleteFileA, CreateFileA, CloseHandle > user32.dll: TranslateMessage, PeekMessageA, MessageBoxA, GetActiveWindow, DispatchMessageA ( 0 exports )
packers (Kaspersky): Petite, ASPack
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=2E736838655F337804A3006C42A3D7004CC3A244
packers (F-Prot): embedded, Aspack, CAB
packers (Authentium): CAB, CAB
packers (Avast): Petite

Vær opmærksom på: VirusTotal er en gratis service lavet af Hispasec Sistemas. Der er ingen garanti for tilgængelighed og kontinuitet af denne service. Selvom opdagelse chancen der tilbydes af flere antivirus programmer er højre end den der tilbydes af kun et produkt garanteres det IKKE at resultatet af filen er uden for risiko. Lige nu er der ingen løsninger der tilbyder 100% effektivt opdagelse af virusser og malware..


	Virustotal er en service som analyserer mistænksomme filer og muliggør en hurtig opdagelse af vira, orme, trojans, og alle former for malware opdaget af antivirus programmer. Mere information...

Virustotal er en service som analyserer mistænksomme filer og muliggør en hurtig opdagelse af vira, orme, trojans, og alle former for malware opdaget af antivirus programmer. Mere information...