Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español | English
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English
|
Virustotal est un service qui analyse les fichiers suspects et facilite la détection rapide des virus, vers, chevaux de Troie et toutes sortes de malwares détectés par les moteurs antivirus. Plus d'informations... |
Fichier Isw.COM reçu le 2008.08.30 09:04:09 (UTC)
Situation actuelle: terminé
Situation actuelle: terminé
Résultat: 21/36 (58.33%)
| Antivirus | Version | Dernière mise à jour | Résultat |
|---|---|---|---|
| AhnLab-V3 | 2008.8.29.0 | 2008.08.29 | - |
| AntiVir | 7.8.1.23 | 2008.08.29 | TR/ATRAPS.Gen |
| Authentium | 5.1.0.4 | 2008.08.30 | - |
| Avast | 4.8.1195.0 | 2008.08.29 | Win32:OnLineGames-BKC |
| AVG | 8.0.0.161 | 2008.08.29 | - |
| BitDefender | 7.2 | 2008.08.30 | BehavesLike:Trojan.ShellHook |
| CAT-QuickHeal | 9.50 | 2008.08.29 | (Suspicious) - DNAScan |
| ClamAV | 0.93.1 | 2008.08.30 | - |
| DrWeb | 4.44.0.09170 | 2008.08.29 | Trojan.PWS.Gamania.origin |
| eSafe | 7.0.17.0 | 2008.08.28 | Suspicious File |
| eTrust-Vet | 31.6.6057 | 2008.08.29 | - |
| Ewido | 4.0 | 2008.08.29 | - |
| F-Prot | 4.4.4.56 | 2008.08.29 | - |
| F-Secure | 7.60.13501.0 | 2008.08.30 | W32/Malware |
| Fortinet | 3.14.0.0 | 2008.08.30 | - |
| GData | 19 | 2008.08.30 | Win32:OnLineGames-BKC |
| Ikarus | T3.1.1.34.0 | 2008.08.30 | Virus.Win32.OnLineGames.AHK |
| K7AntiVirus | 7.10.432 | 2008.08.29 | Trojan.Win32.Malware.1 |
| Kaspersky | 7.0.0.125 | 2008.08.30 | - |
| McAfee | 5373 | 2008.08.29 | - |
| Microsoft | 1.3807 | 2008.08.25 | PWS:Win32/Gamania.gen!D |
| NOD32v2 | 3401 | 2008.08.30 | a variant of Win32/PSW.OnLineGames.NNS |
| Norman | 5.80.02 | 2008.08.29 | W32/Malware |
| Panda | 9.0.0.4 | 2008.08.29 | Suspicious file |
| PCTools | 4.4.2.0 | 2008.08.29 | Packed/BeRo |
| Prevx1 | V2 | 2008.08.30 | - |
| Rising | 20.59.51.00 | 2008.08.30 | Packer.Win32.PePatch.d |
| Sophos | 4.33.0 | 2008.08.30 | Mal/LineDLL-B |
| Sunbelt | 3.1.1592.1 | 2008.08.30 | - |
| Symantec | 10 | 2008.08.30 | - |
| TheHacker | 6.3.0.6.068 | 2008.08.30 | - |
| TrendMicro | 8.700.0.1004 | 2008.08.29 | Cryp_Bero |
| VBA32 | 3.12.8.4 | 2008.08.29 | MalwareScope.Trojan-PSW.Game.13 |
| ViRobot | 2008.8.29.1355 | 2008.08.29 | - |
| VirusBuster | 4.5.11.0 | 2008.08.29 | Packed/BeRo |
| Webwasher-Gateway | 6.6.2 | 2008.08.29 | Trojan.ATRAPS.Gen |
| Information additionnelle |
|---|
| File size: 87552 bytes |
| MD5...: 623ce118b366c99a887ab2fedbf899d1 |
| SHA1..: 3b58aee7445f10c553d23a859a96ac1a651290e5 |
| SHA256: d302d14a5d607d0fb7e710f8fd28c8dd1fbaa279abc9713b8c939d73febbd64d |
| SHA512: b38ca745735beca46a729c38c0a96934cae317dc0a5f987259928c2ea9671b1c 529c141ae71c2c73377afff8e77fb925c1250ab479a2a60493cf9074252c289e |
| PEiD..: BeRoEXEPacker v1.00 [LZMA] -> BeRo / Farbrausch |
| TrID..: File type identification Generic Win/DOS Executable (40.0%) DOS Executable Generic (39.9%) Maple Common Binary file (generic) (20.0%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x43405f timedatestamp.....: 0x48b4c20c (Wed Aug 27 02:55:08 2008) machinetype.......: 0x14c (I386) ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5 packerBY 0x1000 0x32001 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e bero_fr 0x34000 0x15069 0x15200 7.99 e42add9d782e2a1b0078c9c29a926a26 .rsrc 0x4a000 0x8000 0x200 1.48 5d1f640a19dc57bbc0d205d683a30615 ( 1 imports ) > kernel32.dll: LoadLibraryA, GetProcAddress ( 0 exports ) |
| Norman Sandbox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * Accesses executable file from resource section. * File length: 87552 bytes. [ Changes to filesystem ] * Creates file C:\WINDOWS\2.bat. * Deletes file %0. * Creates file C:\WINDOWS\Debug\92F54D81A560.dll. [ Changes to registry ] * Creates key \"HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\". * Sets value \"\"=\"fsvdf\" in key \"HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\". * Creates key \"HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\InProcServer32\". * Sets value \"\"=\"C:\WINDOWS\Debug\92F54D81A560.dll\" in key \"HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\InProcServer32\". * Sets value \"ThrEaDiNgModEL\"=\"aPaRTmEnT\" in key \"HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\InProcServer32\". [ Network ] * Hooks into Shell explorer. [ Process/window information ] * Creates a mutex 2B75625A. * Creates process \"CMD.EXE\". |
| packers (Avast): BeRoEXE, UPX |
| packers (Kaspersky): BeRo, PE_Patch.UPX, UPX, PE_Patch.MaskPE |
| packers (F-Prot): BeRo |
ATTENTION:
VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.
