VirusTotal is a service that analyzes suspicious files and enables rapid identification of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

| Antivirus | Version | Last update | Result |
|---|---|---|---|
| AhnLab-V3 | 2008.8.29.0 | 2008.08.29 | - |
| AntiVir | 7.8.1.23 | 2008.08.29 | TR/ATRAPS.Gen |
| Authentium | 5.1.0.4 | 2008.08.30 | - |
| Avast | 4.8.1195.0 | 2008.08.29 | Win32:OnLineGames-BKC |
| AVG | 8.0.0.161 | 2008.08.29 | - |
| BitDefender | 7.2 | 2008.08.30 | BehavesLike:Trojan.ShellHook |
| CAT-QuickHeal | 9.50 | 2008.08.29 | (Suspicious) - DNAScan |
| ClamAV | 0.93.1 | 2008.08.30 | - |
| DrWeb | 4.44.0.09170 | 2008.08.29 | Trojan.PWS.Gamania.origin |
| eSafe | 7.0.17.0 | 2008.08.28 | Suspicious File |
| eTrust-Vet | 31.6.6057 | 2008.08.29 | - |
| Ewido | 4.0 | 2008.08.29 | - |
| F-Prot | 4.4.4.56 | 2008.08.29 | - |
| F-Secure | 7.60.13501.0 | 2008.08.30 | W32/Malware |
| Fortinet | 3.14.0.0 | 2008.08.30 | - |
| GData | 19 | 2008.08.30 | Win32:OnLineGames-BKC |
| Ikarus | T3.1.1.34.0 | 2008.08.30 | Virus.Win32.OnLineGames.AHK |
| K7AntiVirus | 7.10.432 | 2008.08.29 | Trojan.Win32.Malware.1 |
| Kaspersky | 7.0.0.125 | 2008.08.30 | - |
| McAfee | 5373 | 2008.08.29 | - |
| Microsoft | 1.3807 | 2008.08.25 | PWS:Win32/Gamania.gen!D |
| NOD32v2 | 3401 | 2008.08.30 | a variant of Win32/PSW.OnLineGames.NNS |
| Norman | 5.80.02 | 2008.08.29 | W32/Malware |
| Panda | 9.0.0.4 | 2008.08.29 | Suspicious file |
| PCTools | 4.4.2.0 | 2008.08.29 | Packed/BeRo |
| Prevx1 | V2 | 2008.08.30 | - |
| Rising | 20.59.51.00 | 2008.08.30 | Packer.Win32.PePatch.d |
| Sophos | 4.33.0 | 2008.08.30 | Mal/LineDLL-B |
| Sunbelt | 3.1.1592.1 | 2008.08.30 | - |
| Symantec | 10 | 2008.08.30 | - |
| TheHacker | 6.3.0.6.068 | 2008.08.30 | - |
| TrendMicro | 8.700.0.1004 | 2008.08.29 | Cryp_Bero |
| VBA32 | 3.12.8.4 | 2008.08.29 | MalwareScope.Trojan-PSW.Game.13 |
| ViRobot | 2008.8.29.1355 | 2008.08.29 | - |
| VirusBuster | 4.5.11.0 | 2008.08.29 | Packed/BeRo |
| Webwasher-Gateway | 6.6.2 | 2008.08.29 | Trojan.ATRAPS.Gen |

| Additional information |
|---|
| File size: 87552 bytes |
| MD5...: 623ce118b366c99a887ab2fedbf899d1 |
| SHA1..: 3b58aee7445f10c553d23a859a96ac1a651290e5 |
| SHA256: d302d14a5d607d0fb7e710f8fd28c8dd1fbaa279abc9713b8c939d73febbd64d |
| SHA512: b38ca745735beca46a729c38c0a96934cae317dc0a5f987259928c2ea9671b1c 529c141ae71c2c73377afff8e77fb925c1250ab479a2a60493cf9074252c289e |
| PEiD..: BeRoEXEPacker v1.00 [LZMA] -> BeRo / Farbrausch |
| TrID..: File type identification: Generic Win/DOS Executable (40.0%); DOS Executable Generic (39.9%); Maple Common Binary file (generic) (20.0%) |
| PEInfo: PE Structure information ( base data ): entrypointaddress.: 0x43405f; timedatestamp.....: 0x48b4c20c (Wed Aug 27 02:55:08 2008); machinetype.......: 0x14c (I386). ( 3 sections ) name viradd virsiz rawdsiz ntrpy md5: packerBY 0x1000 0x32001 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e; bero_fr 0x34000 0x15069 0x15200 7.99 e42add9d782e2a1b0078c9c29a926a26; .rsrc 0x4a000 0x8000 0x200 1.48 5d1f640a19dc57bbc0d205d683a30615. ( 1 imports ) > kernel32.dll: LoadLibraryA, GetProcAddress. ( 0 exports ) |
| Norman Sandbox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * Accesses executable file from resource section. * File length: 87552 bytes. [ Changes to filesystem ] * Creates file C:\WINDOWS\2.bat. * Deletes file %0. * Creates file C:\WINDOWS\Debug\92F54D81A560.dll. [ Changes to registry ] * Creates key "HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}". * Sets value ""="fsvdf" in key "HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}". * Creates key "HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\InProcServer32". * Sets value ""="C:\WINDOWS\Debug\92F54D81A560.dll" in key "HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\InProcServer32". * Sets value "ThrEaDiNgModEL"="aPaRTmEnT" in key "HKCR\CLSID\{D468BE53-03E2-4294-8967-CB67C9990F1B}\InProcServer32". [ Network ] * Hooks into Shell explorer. [ Process/window information ] * Creates a mutex 2B75625A. * Creates process "CMD.EXE". |
| packers (Avast): BeRoEXE, UPX |
| packers (Kaspersky): BeRo, PE_Patch.UPX, UPX, PE_Patch.MaskPE |
| packers (F-Prot): BeRo |

WARNING:
VirusTotal is a free service offered by Hispasec Sistemas. There is no guarantee regarding the availability and continuity of this service. Although the detection rate achieved by multiple antivirus engines is far higher than that offered by a single product, these results do NOT guarantee that a file is safe. Currently, no solution offers 100% certainty in identifying viruses and malware.