Srpski | Македонски | العربية | Suomi | ihMdI | 
| עברית | 
| Slovenščina | Dansk | Русский | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español | English
| עברית | | Slovenščina | Dansk | Русский | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español | English
|
VirusTotal este un serviciu care analizează fişierele suspecte şi facilitează detecţia rapidă a viruşilor, troienilor şi a tuturor ameninţărilor informatice detectate de motoarele antivirus. Mai multe informaţii... |
Fişier change_cnc3-key.exe primit la data de 2008.12.03 03:54:58 (UTC)
Status actual: încheiat
Status actual: încheiat
Rezultat: 26/37 (70.27%)
| Antivirus | Versiune | Ultima actualizare | Rezultat |
|---|---|---|---|
| AhnLab-V3 | 2008.12.2.2 | 2008.12.02 | - |
| AntiVir | 7.9.0.36 | 2008.12.02 | DR/Dldr.Small.agns |
| Authentium | 5.1.0.4 | 2008.12.02 | - |
| Avast | 4.8.1281.0 | 2008.12.02 | Win32:Trojan-gen {Other} |
| AVG | 8.0.0.199 | 2008.12.03 | Downloader.Generic_r.BT |
| BitDefender | 7.2 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| CAT-QuickHeal | 10.00 | 2008.12.03 | - |
| ClamAV | 0.94.1 | 2008.12.02 | - |
| DrWeb | 4.44.0.09170 | 2008.12.03 | Trojan.Siggen.1115 |
| eSafe | 7.0.17.0 | 2008.12.02 | Win32.Small.agns |
| eTrust-Vet | 31.6.6240 | 2008.12.03 | - |
| Ewido | 4.0 | 2008.12.02 | - |
| F-Prot | 4.4.4.56 | 2008.12.02 | - |
| F-Secure | 8.0.14332.0 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| Fortinet | 3.117.0.0 | 2008.12.03 | PossibleThreat |
| GData | 19 | 2008.12.03 | Trojan.Downloader.Small.ABER |
| Ikarus | T3.1.1.45.0 | 2008.12.03 | Trojan-Downloader.Win32.Small |
| K7AntiVirus | 7.10.540 | 2008.12.02 | Packed.Win32.Monder.gen |
| Kaspersky | 7.0.0.125 | 2008.12.03 | Trojan-Downloader.Win32.Small.agns |
| McAfee | 5452 | 2008.12.02 | Generic Downloader.x |
| McAfee+Artemis | 5452 | 2008.12.02 | Generic Downloader.x |
| Microsoft | 1.4205 | 2008.12.03 | Trojan:Win32/Vundo.gen!AG |
| NOD32 | 3659 | 2008.12.02 | probably a variant of Win32/Kryptik.BJ |
| Norman | 5.80.02 | 2008.12.02 | W32/Smalltroj.IWCP.dropper |
| Panda | 9.0.0.4 | 2008.12.02 | Generic Trojan |
| PCTools | 4.4.2.0 | 2008.12.02 | Trojan-Downloader.Agent!sd6 |
| Prevx1 | V2 | 2008.12.03 | Malicious Software |
| Rising | 21.06.12.00 | 2008.12.02 | - |
| SecureWeb-Gateway | 6.7.6 | 2008.12.03 | Trojan.Dropper.Dldr.Small.agns |
| Sophos | 4.36.0 | 2008.12.03 | Sus/Behav-273 |
| Sunbelt | 3.1.1832.2 | 2008.12.01 | - |
| Symantec | 10 | 2008.12.03 | Downloader |
| TheHacker | 6.3.1.2.172 | 2008.12.02 | - |
| TrendMicro | 8.700.0.1004 | 2008.12.02 | PAK_Generic.001 |
| VBA32 | 3.12.8.10 | 2008.12.02 | Trojan-Downloader.Win32.Small.agns |
| ViRobot | 2008.12.2.1496 | 2008.12.02 | Spyware.Small.Do.249207 |
| VirusBuster | 4.5.11.0 | 2008.12.02 | - |
| Informaţii suplimentare |
|---|
| File size: 249207 bytes |
| MD5...: 7225361c6bac963c971f1e8ba6441732 |
| SHA1..: 4ff267037e71c6bdc873415ad5e957cdda5d8803 |
| SHA256: d75b24e1565e5e2e067d60f8a42f146c1b00da906c0e8733ddebb25fde27a8d1 |
| SHA512: aa8f6005d7293d61addfa8a5c7bdf7f3c95a6a02f0ecbca89753ec50645ca5dd 9d73d34fa2a5bf8c0e23f898415763e6b44588c6b6e1189f8b6f51ccb42446b4 |
| ssdeep: 3072:Z8U2yJN5f661xRZbALxB1Ojdgx8GYWHcNk0eMD4Ix01WRvXwpAJT3oP1Elb qP2m6:Z8U2qy6rRZb7jxGYW8Nk0u16/Y6wPVW |
| PEiD..: - |
| TrID..: File type identification WinRAR Self Extracting archive (95.7%) Win32 Executable Generic (1.5%) Win32 Dynamic Link Library (generic) (1.4%) Win32 Executable Watcom C++ (generic) (0.4%) Generic Win/DOS Executable (0.3%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x401000 timedatestamp.....: 0x4623462a (Mon Apr 16 09:47:22 2007) machinetype.......: 0x14c (I386) ( 4 sections ) name viradd virsiz rawdsiz ntrpy md5 .text 0x1000 0x14000 0x13600 6.44 c5df2bcf4cb444a9ce3abf40dc2ae79f .data 0x15000 0x7000 0xa00 4.92 fe3e541d125dbe299f892385c2f9e9c8 .idata 0x1c000 0x1000 0x1000 5.12 37eade5359d82bcd800d9cf089c501ff .rsrc 0x1d000 0x4000 0x3c00 4.71 87390a753fe986dd8d412862ac8693b6 ( 8 imports ) > ADVAPI32.DLL: AdjustTokenPrivileges, LookupPrivilegeValueA, OpenProcessToken, RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA, SetFileSecurityA, SetFileSecurityW > KERNEL32.DLL: CloseHandle, CompareStringA, CreateDirectoryA, CreateDirectoryW, CreateFileA, CreateFileW, DeleteFileA, DeleteFileW, DosDateTimeToFileTime, ExitProcess, ExpandEnvironmentStringsA, FileTimeToLocalFileTime, FileTimeToSystemTime, FindClose, FindFirstFileA, FindFirstFileW, FindNextFileA, FindNextFileW, FindResourceA, FreeLibrary, GetCPInfo, GetCommandLineA, GetCurrentDirectoryA, GetCurrentProcess, GetDateFormatA, GetFileAttributesA, GetFileAttributesW, GetFileType, GetFullPathNameA, GetLastError, GetLocaleInfoA, GetModuleFileNameA, GetModuleHandleA, GetNumberFormatA, GetProcAddress, GetProcessHeap, GetStdHandle, GetTempPathA, GetTickCount, GetTimeFormatA, GetVersionExA, GlobalAlloc, HeapAlloc, HeapFree, HeapReAlloc, IsDBCSLeadByte, LoadLibraryA, LocalFileTimeToFileTime, MoveFileA, MoveFileExA, MultiByteToWideChar, ReadFile, SetCurrentDirectoryA, SetEndOfFile, SetEnvironmentVariableA, SetFileAttributesA, SetFileAttributesW, SetFilePointer, SetFileTime, SetLastError, Sleep, SystemTimeToFileTime, WaitForSingleObject, WideCharToMultiByte, WriteFile, lstrcmpiA, lstrlenA > COMCTL32.DLL: - > COMDLG32.DLL: CommDlgExtendedError, GetOpenFileNameA, GetSaveFileNameA > GDI32.DLL: DeleteObject > SHELL32.DLL: SHBrowseForFolderA, SHChangeNotify, SHFileOperationA, SHGetFileInfoA, SHGetMalloc, SHGetSpecialFolderLocation, ShellExecuteExA, SHGetPathFromIDListA > USER32.DLL: CharToOemA, CharToOemBuffA, CharUpperA, CopyRect, CreateWindowExA, DefWindowProcA, DestroyIcon, DestroyWindow, DialogBoxParamA, DispatchMessageA, EnableWindow, EndDialog, FindWindowExA, GetClassNameA, GetClientRect, GetDlgItem, GetDlgItemTextA, GetMessageA, GetParent, GetSysColor, GetSystemMetrics, GetWindow, GetWindowLongA, GetWindowRect, GetWindowTextA, IsWindow, IsWindowVisible, LoadBitmapA, LoadCursorA, LoadIconA, LoadStringA, MapWindowPoints, MessageBoxA, OemToCharA, OemToCharBuffA, PeekMessageA, PostMessageA, RegisterClassExA, SendDlgItemMessageA, SendMessageA, SetDlgItemTextA, SetFocus, SetMenu, SetWindowLongA, SetWindowPos, SetWindowTextA, ShowWindow, TranslateMessage, UpdateWindow, WaitForInputIdle, wsprintfA, wvsprintfA > OLE32.DLL: CLSIDFromString, CoCreateInstance, CreateStreamOnHGlobal, OleInitialize, OleUninitialize ( 0 exports ) |
| Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=E38A2E3D77BDA8FFCD84033B74741300FB28EA32 |
| Norman Sandbox: [ General information ] * **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: ANALYSIS@NORMAN.NO - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**. * Creating several executable files on hard-drive. * File length: 249207 bytes. [ Changes to filesystem ] * Creates directory C:. * Creates directory C:\WINDOWS. * Creates file C:\WINDOWS\__tmp_rar_sfx_access_check_511. * Deletes file __tmp_rar_sfx_access_check_511. * Creates file C:\WINDOWS\readme.bat. * Creates file C:\WINDOWS\serial.exe. * Creates file C:\WINDOWS\crack.exe. * Creates file C:\WINDOWS\number.exe. * Creates file C:\WINDOWS\keygen.exe. [ Process/window information ] * Creates a dialogbox with caption \"WinRAR self-extracting archive\". * Buttons found in dialogbox: id102[278,156]\"Bro&wse...\" id1[211,207]\"Install\" id2[278,207]\"Cancel\" . * Creates a dialogbox with caption \"License\". * Buttons found in dialogbox: id1[211,207]\"Accept\" id2[278,207]\"Decline\" . * Pressing button with id 1 \"Accept\". * Pressing button with id 1 \"Install\". * Attempts to open CLSID {0000002C-5994-0005-320F-4243693F4000}. * Attemps to NULL C:\WINDOWS\readme.bat NULL. * Creates process \"CMD.EXE\". * Creates process \"serial.exe\". [ Signature Scanning ] * C:\WINDOWS\readme.bat (46 bytes) : no signature detection. * C:\WINDOWS\serial.exe (9728 bytes) : no signature detection. * C:\WINDOWS\crack.exe (59392 bytes) : W32/Smalltroj.IWCP. |
| ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (Kaspersky): PE_Patch.UPX, UPX |
| CWSandbox info: http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=7225361c6bac963c971f1e8ba6441732 |
| packers (F-Prot): RAR, UPX |
ATENŢIE:
VirusTotal este un serviciu gratuit oferit de Hispasec Sistemas. Nu există nici o garanţie asupra disponibilităţii şi continuităţii acestui serviciu. Deşi rata de detecţie oferită de folosirea mai multor motoare antivirus este mult superioară aceleia oferite de un singur produs, aceste rezultate NU garantează faptul că un fişier nu este infectat. Momentan, nu există nici o soluţie care să ofere o rată de detecţie de 100% pentru viruşi şi alte ameninţări informatice.
