Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español | English
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English
|
Virustotal est un service qui analyse les fichiers suspects et facilite la détection rapide des virus, vers, chevaux de Troie et toutes sortes de malwares détectés par les moteurs antivirus. Plus d'informations... |
Fichier change_cnc3-key.exe reçu le 2008.12.03 03:54:58 (UTC)
Situation actuelle: terminé
Situation actuelle: terminé
Résultat: 26/37 (70.27%)
| Antivirus | Version | Dernière mise à jour | Résultat |
|---|---|---|---|
| AhnLab-V3 | 2008.12.2.2 | 2008.12.02 | - |
| AntiVir | 7.9.0.36 | 2008.12.02 | DR/Dldr.Small.agns |
| Authentium | 5.1.0.4 | 2008.12.02 | - |
| Avast | 4.8.1281.0 | 2008.12.02 | Win32:Trojan-gen {Other} |
| AVG | 8.0.0.199 | 2008.12.03 | Downloader.Generic_r.BT |
| BitDefender | 7.2 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| CAT-QuickHeal | 10.00 | 2008.12.03 | - |
| ClamAV | 0.94.1 | 2008.12.02 | - |
| DrWeb | 4.44.0.09170 | 2008.12.03 | Trojan.Siggen.1115 |
| eSafe | 7.0.17.0 | 2008.12.02 | Win32.Small.agns |
| eTrust-Vet | 31.6.6240 | 2008.12.03 | - |
| Ewido | 4.0 | 2008.12.02 | - |
| F-Prot | 4.4.4.56 | 2008.12.02 | - |
| F-Secure | 8.0.14332.0 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| Fortinet | 3.117.0.0 | 2008.12.03 | PossibleThreat |
| GData | 19 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| Ikarus | T3.1.1.45.0 | 2008.12.03 | Trojan-Downloader.Win32.Small |
| K7AntiVirus | 7.10.540 | 2008.12.02 | Packed.Win32.Monder.gen |
| Kaspersky | 7.0.0.125 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| McAfee | 5452 | 2008.12.02 | Generic Downloader.x |
| McAfee+Artemis | 5452 | 2008.12.02 | Generic Downloader.x |
| Microsoft | 1.4205 | 2008.12.03 | Trojan:Win32/Vundo.gen!AG |
| NOD32 | 3659 | 2008.12.02 | probably a variant of Win32/Kryptik.BJ |
| Norman | 5.80.02 | 2008.12.02 | W32/Smalltroj.IWCP.dropper |
| Panda | 9.0.0.4 | 2008.12.02 | Generic Trojan |
| PCTools | 4.4.2.0 | 2008.12.02 | Trojan-Downloader.Agent!sd6 |
| Prevx1 | V2 | 2008.12.03 | Malicious Software |
| Rising | 21.06.12.00 | 2008.12.02 | - |
| SecureWeb-Gateway | 6.7.6 | 2008.12.03 | Trojan.Dropper.Dldr.Small.agns |
| Sophos | 4.36.0 | 2008.12.03 | Sus/Behav-273 |
| Sunbelt | 3.1.1832.2 | 2008.12.01 | - |
| Symantec | 10 | 2008.12.03 | Downloader |
| TheHacker | 6.3.1.2.172 | 2008.12.02 | - |
| TrendMicro | 8.700.0.1004 | 2008.12.02 | PAK_Generic.001 |
| VBA32 | 3.12.8.10 | 2008.12.02 | Trojan-Downloader.Win32.Small.agns |
| ViRobot | 2008.12.2.1496 | 2008.12.02 | Spyware.Small.Do.249207 |
| VirusBuster | 4.5.11.0 | 2008.12.02 | - |
| Information additionnelle |
|---|
| File size: 249207 bytes |
| MD5...: 7225361c6bac963c971f1e8ba6441732 |
| SHA1..: 4ff267037e71c6bdc873415ad5e957cdda5d8803 |
| SHA256: d75b24e1565e5e2e067d60f8a42f146c1b00da906c0e8733ddebb25fde27a8d1 |
| SHA512: aa8f6005d7293d61addfa8a5c7bdf7f3c95a6a02f0ecbca89753ec50645ca5dd 9d73d34fa2a5bf8c0e23f898415763e6b44588c6b6e1189f8b6f51ccb42446b4 |
| ssdeep: 3072:Z8U2yJN5f661xRZbALxB1Ojdgx8GYWHcNk0eMD4Ix01WRvXwpAJT3oP1Elb qP2m6:Z8U2qy6rRZb7jxGYW8Nk0u16/Y6wPVW |
| PEiD..: - |
| TrID..: File type identification WinRAR Self Extracting archive (95.7%) Win32 Executable Generic (1.5%) Win32 Dynamic Link Library (generic) (1.4%) Win32 Executable Watcom C++ (generic) (0.4%) Generic Win/DOS Executable (0.3%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x401000 timedatestamp.....: 0x4623462a (Mon Apr 16 09:47:22 2007) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x14000 0x13600 6.44 c5df2bcf4cb444a9ce3abf40dc2ae79f .data 0x15000 0x7000 0xa00 4.92 fe3e541d125dbe299f892385c2f9e9c8 .idata 0x1c000 0x1000 0x1000 5.12 37eade5359d82bcd800d9cf089c501ff .rsrc 0x1d000 0x4000 0x3c00 4.71 87390a753fe986dd8d412862ac8693b6 ( 8 imports ) > ADVAPI32.DLL: AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA, SetFileSecurityA, SetFileSecurityW > KERNEL32.DLL: CloseHandle, CompareStringA, CreateDirectoryA, CreateDirectoryW, CreateFileA, CreateFileW, DeleteFileA, DeleteFileW, DosDateTimeToFileTime, ExitProcess, ExpandEnvironmentStringsA, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, FindFirstFileA, FindFirstFileW, FindNextFileA, FindNextFileW, FindResourceA, FreeLibrary, GetCPInfo, GetCommandLineA, GetCurrentDirectoryA, GetCurrentProcess, GetDateFormatA, GetFileAttributesA, GetFileAttributesW, GetFileType, GetFullPathNameA, GetLastError, GetLocaleInfoA, GetModuleFileNameA, GetModuleHandleA, GetNumberFormatA, GetProcAddress, GetProcessHeap, GetStdHandle, GetTempPathA, GetTickCount, GetTimeFormatA, GetVersionExA, GlobalAlloc, HeapAlloc, HeapFree, HeapReAlloc, IsDBCSLeadByte, LoadLibraryA, LocalFileTimeToFileTime, MoveFileA, MoveFileExA, MultiByteToWideChar, ReadFile, SetCurrentDirectoryA, SetEndOfFile, SetEnvironmentVariableA, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFileTime, SetLastError, Sleep, SystemTimeToFileTime, WaitForSingleObject, WideCharToMultiByte, WriteFile, lstrcmpiA, lstrlenA > COMCTL32.DLL: - > COMDLG32.DLL: CommDlgExtendedError, GetOpenFileNameA, GetSaveFileNameA > GDI32.DLL: DeleteObject > SHELL32.DLL: SHBrowseForFolderA, SHChangeNotify, SHFileOperationA, SHGetFileInfoA, SHGetMalloc, SHGetSpecialFolderLocation, ShellExecuteExA, SHGetPathFromIDListA > USER32.DLL: CharToOemA, CharToOemBuffA, CharUpperA, CopyRect, CreateWindowExA, DefWindowProcA, DestroyIcon, DestroyWindow, DialogBoxParamA, DispatchMessageA, EnableWindow, EndDialog, FindWindowExA, GetClassNameA, GetClientRect, GetDlgItem, GetDlgItemTextA, GetMessageA, GetParent, GetSysColor, GetSystemMetrics, GetWindow, GetWindowLongA, GetWindowRect, GetWindowTextA, IsWindow, IsWindowVisible, LoadBitmapA, LoadCursorA, LoadIconA, LoadStringA, MapWindowPoints, MessageBoxA, OemToCharA, OemToCharBuffA, PeekMessageA, PostMessageA, RegisterClassExA, SendDlgItemMessageA, SendMessageA, SetDlgItemTextA, SetFocus, SetMenu, SetWindowLongA, SetWindowPos, SetWindowTextA, ShowWindow, TranslateMessage, UpdateWindow, WaitForInputIdle, wsprintfA, wvsprintfA > OLE32.DLL: CLSIDFromString, CoCreateInstance, CreateStreamOnHGlobal, OleInitialize, OleUninitialize ( 0 exports ) |
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=E38A2E3D77BDA8FFCD84033B74741300FB28EA32 |
| Norman Sandbox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * Creating several executable files on hard-drive. * File length: 249207 bytes. [ Changes to filesystem ] * Creates directory C:. * Creates directory C:\WINDOWS. * Creates file C:\WINDOWS\__tmp_rar_sfx_access_check_511. * Deletes file __tmp_rar_sfx_access_check_511. * Creates file C:\WINDOWS\readme.bat. * Creates file C:\WINDOWS\serial.exe. * Creates file C:\WINDOWS\crack.exe. * Creates file C:\WINDOWS\number.exe. * Creates file C:\WINDOWS\keygen.exe. [ Process/window information ] * Creates a dialogbox with caption \"WinRAR self-extracting archive\". * Buttons found in dialogbox: id102[278,156]\"Bro&wse...\" id1[211,207]\"Install\" id2[278,207]\"Cancel\" . * Creates a dialogbox with caption \"License\". * Buttons found in dialogbox: id1[211,207]\"Accept\" id2[278,207]\"Decline\" . * Pressing button with id 1 \"Accept\". * Pressing button with id 1 \"Install\". * Attempts to open CLSID {0000002C-5994-0005-320F-4243693F4000}. * Attemps to NULL C:\WINDOWS\readme.bat NULL. * Creates process \"CMD.EXE\". * Creates process \"serial.exe\". [ Signature Scanning ] * C:\WINDOWS\readme.bat (46 bytes) : no signature detection. * C:\WINDOWS\serial.exe (9728 bytes) : no signature detection. * C:\WINDOWS\crack.exe (59392 bytes) : W32/Smalltroj.IWCP. |
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (Kaspersky): PE_Patch.UPX, UPX |
| CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (F-Prot): RAR, UPX |
ATTENTION:
VirusTotal est un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.
