|
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware.
1 VT Community user(s) with a total of 1 reputation credit(s) say(s) this sample is malware.
File name: BC21082A9CCE3A1AC1E95E9C3A9454B4.Submission date: 2010-07-26 22:15:08 (UTC)Current status: finishedResult:
9
/42 (21.4%) |
VT Community
 malware Safety score: 0.0% |
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| AhnLab-V3 | 2010.07.26.00 | 2010.07.26 | Trojan/Win32.Bredolab |
| AntiVir | 8.2.4.26 | 2010.07.26 | - |
| Antiy-AVL | 2.0.3.7 | 2010.07.26 | - |
| Authentium | 5.2.0.5 | 2010.07.26 | W32/Agent.GX.gen!Eldorado |
| Avast | 4.8.1351.0 | 2010.07.26 | - |
| Avast5 | 5.0.332.0 | 2010.07.26 | - |
| AVG | 9.0.0.851 | 2010.07.26 | - |
| BitDefender | 7.2 | 2010.07.26 | - |
| CAT-QuickHeal | 11.00 | 2010.07.26 | (Suspicious) - DNAScan |
| ClamAV | 0.96.0.3-git | 2010.07.26 | - |
| Comodo | 5547 | 2010.07.26 | - |
| DrWeb | 5.0.2.03300 | 2010.07.26 | - |
| Emsisoft | 5.0.0.34 | 2010.07.26 | - |
| eSafe | 7.0.17.0 | 2010.07.26 | - |
| eTrust-Vet | 36.1.7738 | 2010.07.26 | - |
| F-Prot | 4.6.1.107 | 2010.07.26 | W32/Agent.GX.gen!Eldorado |
| F-Secure | 9.0.15370.0 | 2010.07.26 | - |
| Fortinet | 4.1.143.0 | 2010.07.24 | - |
| GData | 21 | 2010.07.26 | - |
| Ikarus | T3.1.1.84.0 | 2010.07.26 | - |
| Jiangmin | 13.0.900 | 2010.07.26 | - |
| Kaspersky | 7.0.0.125 | 2010.07.26 | - |
| McAfee | 5.400.0.1158 | 2010.07.26 | - |
| McAfee-GW-Edition | 2010.1 | 2010.07.26 | Heuristic.BehavesLike.Win32.AdSpyware.H |
| Microsoft | 1.6004 | 2010.07.26 | - |
| NOD32 | 5315 | 2010.07.26 | a variant of Win32/Kryptik.FQY |
| Norman | 6.05.11 | 2010.07.26 | Waledac.FCC |
| nProtect | 2010-07-26.02 | 2010.07.26 | - |
| Panda | 10.0.2.7 | 2010.07.26 | Bck/Bredolab.AZ |
| PCTools | 7.0.3.5 | 2010.07.26 | - |
| Prevx | 3.0 | 2010.07.26 | - |
| Rising | 22.58.00.04 | 2010.07.26 | - |
| Sophos | 4.55.0 | 2010.07.26 | - |
| Sunbelt | 6644 | 2010.07.26 | Trojan.Win32.Generic.pak!cobra |
| SUPERAntiSpyware | 4.40.0.1006 | 2010.07.26 | - |
| Symantec | 20101.1.1.7 | 2010.07.26 | - |
| TheHacker | 6.5.2.1.325 | 2010.07.26 | - |
| TrendMicro | 9.120.0.1004 | 2010.07.26 | - |
| TrendMicro-HouseCall | 9.120.0.1004 | 2010.07.26 | - |
| VBA32 | 3.12.12.6 | 2010.07.26 | - |
| ViRobot | 2010.7.26.3960 | 2010.07.26 | - |
| VirusBuster | 5.0.27.0 | 2010.07.26 | - |
Additional information
|
|---|
| MD5 : bc21082a9cce3a1ac1e95e9c3a9454b4 |
| SHA1 : 5ec99483b69995dea3bb597ea6f9dfe0aaf68bb6 |
| SHA256: 0efe35211d5cd6225af2b61b8c8638b84bde915c6eddf8b9697eca5b862e9b70 |
| ssdeep: 384:amREWtccccccccccccccccccccccccccccccccccccccccccccccccccccccccc5:amREM7[*lb*]UTyiWygrCxse6 |
| File size : 27648 bytes |
| First seen: 2010-07-26 22:15:08 |
| Last seen : 2010-07-26 22:15:08 |
| Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit |
| TrID: Win32 Executable Generic (42.3%)[*lb*]Win32 Dynamic Link Library (generic) (37.6%)[*lb*]Generic Win/DOS Executable (9.9%)[*lb*]DOS Executable Generic (9.9%)[*lb*]Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| sigcheck: publisher....: n/a[*lb*]copyright....: n/a[*lb*]product......: n/a[*lb*]description..: n/a[*lb*]original name: n/a[*lb*]internal name: n/a[*lb*]file version.: n/a[*lb*]comments.....: n/a[*lb*]signers......: -[*lb*]signing date.: -[*lb*]verified.....: Unsigned[*lb*] |
| PEiD: - |
| PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x107C timedatestamp....: 0x4C49E920 (Fri Jul 23 19:10:24 2010) machinetype......: 0x14C (Intel I386) [[ 4 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0x259E, 0x2600, 3.24, b8a5a220b53ec75582913c0b25afa9ba .rdata, 0x4000, 0x5E9, 0x600, 3.47, cb72a747b6029aa722232369299f64a3 .data, 0x5000, 0x1462, 0x400, 2.04, 1914b6343fb5fe129f3532acc3acc614 .rsrc, 0x7000, 0x64C0, 0x3800, 6.26, 4599b0bc6caaa47374d2f2b36f576be7 [[ 2 import(s) ]] gdi32.dll: SetPixel, GetBkColor, DeleteObject, GetTextColor, CreateCompatibleDC, GetTextMetricsA, GetObjectA, SetROP2, GetPixel, MoveToEx, SelectObject, GetDeviceCaps, CreateSolidBrush, PatBlt, CreateFontIndirectA, GetTextExtentPoint32A, BitBlt, LineTo, SetBkMode kernel32.dll: GetProcAddress, LoadLibraryA, CloseHandle, GetModuleHandleA, CreateEventA, FreeLibrary, GetStdHandle, GetCommandLineA, GetLastError, GetVersionExA, LocalAlloc, GetStartupInfoA, lstrlenA, lstrcatA, LocalFree, Sleep, GlobalFree, lstrcpyA, GetTickCount, GlobalAlloc |
| Symantec reputation:Suspicious.Insight |
VT Community
Was this comment helpful?
Yes (1) |
No (0) |
Report abuse
Reported as abuseful
Add your comment...
Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so.
How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
[b]text[/b] -- bold
[i]text[/i] -- italics
[u]text[/u] -- underline
[s]text[/s] -- strikethrough
[code]text[/code] - preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
[b]text[/b] -- bold
[i]text[/i] -- italics
[u]text[/u] -- underline
[s]text[/s] -- strikethrough
[code]text[/code] - preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.