VirusTotal - Free Online Virus, Malware and URL Scanner

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.

File name:

Lancraft_1.01b.exe

Submission date:

2010-03-07 17:36:25 (UTC)

Current status:

finished

Result:

2 /42 (4.8%)

VT Community

not reviewed
Safety score: -

Compact

Print results

Antivirus	Version	Last Update	Result
a-squared	4.5.0.50	2010.03.07	-
AhnLab-V3	5.0.0.2	2010.03.07	-
AntiVir	8.2.1.180	2010.03.05	-
Antiy-AVL	2.0.3.7	2010.03.05	-
Authentium	5.2.0.5	2010.03.06	-
Avast	4.8.1351.0	2010.03.07	-
Avast5	5.0.332.0	2010.03.07	-
AVG	9.0.0.787	2010.03.07	-
BitDefender	7.2	2010.03.07	-
CAT-QuickHeal	10.00	2010.03.06	Trojan.Agent.ATV
ClamAV	0.96.0.0-git	2010.03.06	-
Comodo	4091	2010.02.28	-
DrWeb	5.0.1.12222	2010.03.07	-
eSafe	7.0.17.0	2010.03.04	-
eTrust-Vet	35.2.7342	2010.03.05	-
F-Prot	4.5.1.85	2010.03.06	-
F-Secure	9.0.15370.0	2010.03.07	-
Fortinet	4.0.14.0	2010.03.07	-
GData	19	2010.03.07	-
Ikarus	T3.1.1.80.0	2010.03.07	-
Jiangmin	13.0.900	2010.03.07	-
K7AntiVirus	7.10.990	2010.03.04	-
Kaspersky	7.0.0.125	2010.03.07	-
McAfee	5912	2010.03.06	-
McAfee+Artemis	5912	2010.03.06	-
McAfee-GW-Edition	6.8.5	2010.03.07	-
Microsoft	1.5502	2010.03.07	-
NOD32	4922	2010.03.07	-
Norman	6.04.08	2010.03.07	-
nProtect	2009.1.8.0	2010.03.07	-
Panda	10.0.2.2	2010.03.07	-
PCTools	7.0.3.5	2010.03.04	-
Prevx	3.0	2010.03.07	-
Rising	22.37.06.04	2010.03.07	-
Sophos	4.51.0	2010.03.07	-
Sunbelt	5780	2010.03.07	-
Symantec	20091.2.0.41	2010.03.07	Suspicious.Insight
TheHacker	6.5.1.9.223	2010.03.07	-
TrendMicro	9.120.0.1004	2010.03.07	-
VBA32	3.12.12.2	2010.03.05	-
ViRobot	2010.3.5.2214	2010.03.05	-
VirusBuster	5.0.27.0	2010.03.06	-

Additional information
MD5 : df5bb64d780a1ac53b214d76308d8fb3
SHA1 : df1578f9ff257f365206ab16980e93c15ec0a8f5
SHA256: 3ab7fef02f4d5ede007ee5d5387e3fa36fea7a7c8cfff8cbf23ab907c1b09790
ssdeep: 12288:wDLhYRLp36WKVw/itN7E6ueFzd23zOGHU0BQH59WTD9xdhwY3:wZaKW2wca67B23zvlWC[lb]X9Z73
File size : 713216 bytes
First seen: 2008-01-24 21:16:50
Last seen : 2010-08-31 02:33:34
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID: Win32 Executable Borland Delphi 7 (47.3%)[lb]Win32 Executable Borland Delphi 5 (31.9%)[lb]Win32 Executable Borland Delphi 6 (18.5%)[lb]Win32 Executable Delphi generic (1.0%)[lb]Win32 Executable Generic (0.6%)
sigcheck: publisher....: n/a[lb]copyright....: n/a[lb]product......: n/a[lb]description..: n/a[lb]original name: n/a[lb]internal name: n/a[lb]file version.: n/a[lb]comments.....: n/a[lb]signers......: -[lb]signing date.: -[lb]verified.....: Unsigned[lb]
PEiD: BobSoft Mini Delphi -> BoB / BobSoft
PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x6F33C timedatestamp....: 0x2A425E19 (Fri Jun 19 22:22:17 1992) machinetype......: 0x14C (Intel I386) [[ 8 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 CODE, 0x1000, 0x6E3E0, 0x6E400, 6.56, 8f0d8f5e1f7a8f7fd960488f91cfd008 DATA, 0x70000, 0x42B8, 0x4400, 2.26, 6bdc7a416602a966ec7f5e94223bf862 BSS, 0x75000, 0x1E2D, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e .idata, 0x77000, 0x24C0, 0x2600, 4.94, 5b6e3e574059640bec4a70c25a0bbe1d .tls, 0x7A000, 0x14, 0x0, 0.0, d41d8cd98f00b204e9800998ecf8427e .rdata, 0x7B000, 0x18, 0x200, 0.2, a567365290dc18f4330c2a5366799d9c .reloc, 0x7C000, 0x6988, 0x6A00, 6.66, 090c4820e63f937d2f0a5af25ed6fc12 .rsrc, 0x83000, 0x32400, 0x32400, 7.85, 33fc108901fb968256f4f4860fbb02e9 [[ 8 import(s) ]] advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey comctl32.dll: ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_SetDragCursorImage, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_Remove, ImageList_DrawEx, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_ReplaceIcon, ImageList_Add, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create gdi32.dll: UnrealizeObject, StretchBlt, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SelectPalette, SelectObject, SaveDC, RestoreDC, Rectangle, RectVisible, RealizePalette, PlayEnhMetaFile, PatBlt, MoveToEx, MaskBlt, LineTo, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsA, GetTextExtentPointA, GetTextExtentPoint32A, GetSystemPaletteEntries, GetStockObject, GetPixel, GetPaletteEntries, GetObjectA, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetClipBox, GetBrushOrgEx, GetBitmapBits, GdiFlush, ExcludeClipRect, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreatePenIndirect, CreatePalette, CreateHalftonePalette, CreateFontIndirectA, CreateDIBitmap, CreateDIBSection, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, BitBlt kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLastError, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, ExitThread, CreateThread, WriteFile, UnhandledExceptionFilter, SetFilePointer, SetEndOfFile, RtlUnwind, ReadFile, RaiseException, GetStdHandle, GetFileSize, GetFileType, CreateFileA, CloseHandle oleaut32.dll: SysFreeString, SysReAllocStringLen, SysAllocStringLen shell32.dll: Shell_NotifyIconA user32.dll: GetKeyboardType, LoadStringA, MessageBoxA, CharNextA wsock32.dll: WSACleanup, WSAStartup, WSAGetLastError, WSACancelAsyncRequest, WSAAsyncGetServByName, WSAAsyncGetHostByName, WSAAsyncSelect, getservbyname, gethostbyname, socket, setsockopt, sendto, send, select, recvfrom, recv, ntohs, listen, ioctlsocket, inet_ntoa, inet_addr, htons, getsockopt, getpeername, connect, closesocket, bind, accept
CWSandbox: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=df5bb64d780a1ac53b214d76308d8fb3
ThreatExpert: http://www.threatexpert.com/report.aspx?md5=df5bb64d780a1ac53b214d76308d8fb3

VT Community

This file has never been reviewed by any VT Community member. Be the first one to comment on it!

VirusTotal Team

Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?

Goodware

Malware

Spam attachment/link

P2P download

Propagating via IM

Network worm

Drive-by-download

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

email
password
	Keep me logged in
	Signing in, please wait...
	Login failed, please try again

Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...