Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español | English
| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English
|
Virustotal is een gratis dienst die verdachte bestanden scant en zorgt voor dat de laatste virussen, wormen, en alle andere soorten malware snel gedetecteerd kunnen worden. Meer informatie... |
Bestand change_cnc3-key.exe ontvangen op 2008.12.03 03:54:58 (UTC)
Huidig status: Einde
Huidig status: Einde
Resultaat: 26/37 (70.27%)
| Antivirus | Versie | Laatst geüpdatet | Resultaat |
|---|---|---|---|
| AhnLab-V3 | 2008.12.2.2 | 2008.12.02 | - |
| AntiVir | 7.9.0.36 | 2008.12.02 | DR/Dldr.Small.agns |
| Authentium | 5.1.0.4 | 2008.12.02 | - |
| Avast | 4.8.1281.0 | 2008.12.02 | Win32:Trojan-gen {Other} |
| AVG | 8.0.0.199 | 2008.12.03 | Downloader.Generic_r.BT |
| BitDefender | 7.2 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| CAT-QuickHeal | 10.00 | 2008.12.03 | - |
| ClamAV | 0.94.1 | 2008.12.02 | - |
| DrWeb | 4.44.0.09170 | 2008.12.03 | Trojan.Siggen.1115 |
| eSafe | 7.0.17.0 | 2008.12.02 | Win32.Small.agns |
| eTrust-Vet | 31.6.6240 | 2008.12.03 | - |
| Ewido | 4.0 | 2008.12.02 | - |
| F-Prot | 4.4.4.56 | 2008.12.02 | - |
| F-Secure | 8.0.14332.0 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| Fortinet | 3.117.0.0 | 2008.12.03 | PossibleThreat |
| GData | 19 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| Ikarus | T3.1.1.45.0 | 2008.12.03 | Trojan-Downloader.Win32.Small |
| K7AntiVirus | 7.10.540 | 2008.12.02 | Packed.Win32.Monder.gen |
| Kaspersky | 7.0.0.125 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| McAfee | 5452 | 2008.12.02 | Generic Downloader.x |
| McAfee+Artemis | 5452 | 2008.12.02 | Generic Downloader.x |
| Microsoft | 1.4205 | 2008.12.03 | Trojan:Win32/Vundo.gen!AG |
| NOD32 | 3659 | 2008.12.02 | probably a variant of Win32/Kryptik.BJ |
| Norman | 5.80.02 | 2008.12.02 | W32/Smalltroj.IWCP.dropper |
| Panda | 9.0.0.4 | 2008.12.02 | Generic Trojan |
| PCTools | 4.4.2.0 | 2008.12.02 | Trojan-Downloader.Agent!sd6 |
| Prevx1 | V2 | 2008.12.03 | Malicious Software |
| Rising | 21.06.12.00 | 2008.12.02 | - |
| SecureWeb-Gateway | 6.7.6 | 2008.12.03 | Trojan.Dropper.Dldr.Small.agns |
| Sophos | 4.36.0 | 2008.12.03 | Sus/Behav-273 |
| Sunbelt | 3.1.1832.2 | 2008.12.01 | - |
| Symantec | 10 | 2008.12.03 | Downloader |
| TheHacker | 6.3.1.2.172 | 2008.12.02 | - |
| TrendMicro | 8.700.0.1004 | 2008.12.02 | PAK_Generic.001 |
| VBA32 | 3.12.8.10 | 2008.12.02 | Trojan-Downloader.Win32.Small.agns |
| ViRobot | 2008.12.2.1496 | 2008.12.02 | Spyware.Small.Do.249207 |
| VirusBuster | 4.5.11.0 | 2008.12.02 | - |
| Extra informatie |
|---|
| File size: 249207 bytes |
| MD5...: 7225361c6bac963c971f1e8ba6441732 |
| SHA1..: 4ff267037e71c6bdc873415ad5e957cdda5d8803 |
| SHA256: d75b24e1565e5e2e067d60f8a42f146c1b00da906c0e8733ddebb25fde27a8d1 |
| SHA512: aa8f6005d7293d61addfa8a5c7bdf7f3c95a6a02f0ecbca89753ec50645ca5dd 9d73d34fa2a5bf8c0e23f898415763e6b44588c6b6e1189f8b6f51ccb42446b4 |
| ssdeep: 3072:Z8U2yJN5f661xRZbALxB1Ojdgx8GYWHcNk0eMD4Ix01WRvXwpAJT3oP1Elb qP2m6:Z8U2qy6rRZb7jxGYW8Nk0u16/Y6wPVW |
| PEiD..: - |
| TrID..: File type identification WinRAR Self Extracting archive (95.7%) Win32 Executable Generic (1.5%) Win32 Dynamic Link Library (generic) (1.4%) Win32 Executable Watcom C++ (generic) (0.4%) Generic Win/DOS Executable (0.3%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x401000 timedatestamp.....: 0x4623462a (Mon Apr 16 09:47:22 2007) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x14000 0x13600 6.44 c5df2bcf4cb444a9ce3abf40dc2ae79f .data 0x15000 0x7000 0xa00 4.92 fe3e541d125dbe299f892385c2f9e9c8 .idata 0x1c000 0x1000 0x1000 5.12 37eade5359d82bcd800d9cf089c501ff .rsrc 0x1d000 0x4000 0x3c00 4.71 87390a753fe986dd8d412862ac8693b6 ( 8 imports ) > ADVAPI32.DLL: AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA, SetFileSecurityA, SetFileSecurityW > KERNEL32.DLL: CloseHandle, CompareStringA, CreateDirectoryA, CreateDirectoryW, CreateFileA, CreateFileW, DeleteFileA, DeleteFileW, DosDateTimeToFileTime, ExitProcess, ExpandEnvironmentStringsA, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, FindFirstFileA, FindFirstFileW, FindNextFileA, FindNextFileW, FindResourceA, FreeLibrary, GetCPInfo, GetCommandLineA, GetCurrentDirectoryA, GetCurrentProcess, GetDateFormatA, GetFileAttributesA, GetFileAttributesW, GetFileType, GetFullPathNameA, GetLastError, GetLocaleInfoA, GetModuleFileNameA, GetModuleHandleA, GetNumberFormatA, GetProcAddress, GetProcessHeap, GetStdHandle, GetTempPathA, GetTickCount, GetTimeFormatA, GetVersionExA, GlobalAlloc, HeapAlloc, HeapFree, HeapReAlloc, IsDBCSLeadByte, LoadLibraryA, LocalFileTimeToFileTime, MoveFileA, MoveFileExA, MultiByteToWideChar, ReadFile, SetCurrentDirectoryA, SetEndOfFile, SetEnvironmentVariableA, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFileTime, SetLastError, Sleep, SystemTimeToFileTime, WaitForSingleObject, WideCharToMultiByte, WriteFile, lstrcmpiA, lstrlenA > COMCTL32.DLL: - > COMDLG32.DLL: CommDlgExtendedError, GetOpenFileNameA, GetSaveFileNameA > GDI32.DLL: DeleteObject > SHELL32.DLL: SHBrowseForFolderA, SHChangeNotify, SHFileOperationA, SHGetFileInfoA, SHGetMalloc, SHGetSpecialFolderLocation, ShellExecuteExA, SHGetPathFromIDListA > USER32.DLL: CharToOemA, CharToOemBuffA, CharUpperA, CopyRect, CreateWindowExA, DefWindowProcA, DestroyIcon, DestroyWindow, DialogBoxParamA, DispatchMessageA, EnableWindow, EndDialog, FindWindowExA, GetClassNameA, GetClientRect, GetDlgItem, GetDlgItemTextA, GetMessageA, GetParent, GetSysColor, GetSystemMetrics, GetWindow, GetWindowLongA, GetWindowRect, GetWindowTextA, IsWindow, IsWindowVisible, LoadBitmapA, LoadCursorA, LoadIconA, LoadStringA, MapWindowPoints, MessageBoxA, OemToCharA, OemToCharBuffA, PeekMessageA, PostMessageA, RegisterClassExA, SendDlgItemMessageA, SendMessageA, SetDlgItemTextA, SetFocus, SetMenu, SetWindowLongA, SetWindowPos, SetWindowTextA, ShowWindow, TranslateMessage, UpdateWindow, WaitForInputIdle, wsprintfA, wvsprintfA > OLE32.DLL: CLSIDFromString, CoCreateInstance, CreateStreamOnHGlobal, OleInitialize, OleUninitialize ( 0 exports ) |
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=E38A2E3D77BDA8FFCD84033B74741300FB28EA32 |
| Norman Sandbox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * Creating several executable files on hard-drive. * File length: 249207 bytes. [ Changes to filesystem ] * Creates directory C:. * Creates directory C:\WINDOWS. * Creates file C:\WINDOWS\__tmp_rar_sfx_access_check_511. * Deletes file __tmp_rar_sfx_access_check_511. * Creates file C:\WINDOWS\readme.bat. * Creates file C:\WINDOWS\serial.exe. * Creates file C:\WINDOWS\crack.exe. * Creates file C:\WINDOWS\number.exe. * Creates file C:\WINDOWS\keygen.exe. [ Process/window information ] * Creates a dialogbox with caption \"WinRAR self-extracting archive\". * Buttons found in dialogbox: id102[278,156]\"Bro&wse...\" id1[211,207]\"Install\" id2[278,207]\"Cancel\" . * Creates a dialogbox with caption \"License\". * Buttons found in dialogbox: id1[211,207]\"Accept\" id2[278,207]\"Decline\" . * Pressing button with id 1 \"Accept\". * Pressing button with id 1 \"Install\". * Attempts to open CLSID {0000002C-5994-0005-320F-4243693F4000}. * Attemps to NULL C:\WINDOWS\readme.bat NULL. * Creates process \"CMD.EXE\". * Creates process \"serial.exe\". [ Signature Scanning ] * C:\WINDOWS\readme.bat (46 bytes) : no signature detection. * C:\WINDOWS\serial.exe (9728 bytes) : no signature detection. * C:\WINDOWS\crack.exe (59392 bytes) : W32/Smalltroj.IWCP. |
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (Kaspersky): PE_Patch.UPX, UPX |
| CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (F-Prot): RAR, UPX |
AANDACHT:
VirusTotal is een gratis dienst aangeboden door Hispasec Sistemas. Er zijn geen garanties over de beschikbaarheid of het voortbestaan ervan. Door het gebruik van meedere scan engines kunnen we een nauwkeuriger resultaat bekomen, dit betekent echter niet dat een bestand ook echt ongevaarlijk is. Er is nog geen oplossing die 100% bescherming biedt tegen virussen en malware.
