× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 52517fd727f1bf10e31dcec29c744229c8c762b1e1de039ea498f0f29c53e2ee
Dateiname: VirusShare_29838a6e3b84cb73188717a2e7557df1
Erkennungsrate: 41 / 46
Analyse-Datum: 2013-04-18 09:26:58 UTC ( vor 5 Jahre, 8 Monate )
Antivirus Ergebnis Aktualisierung
Yandex Suspicious!SA 20130417
AhnLab-V3 Backdoor/Win32.Seed 20130418
AntiVir TR/Crypt.FSPM.Gen 20130418
Antiy-AVL Backdoor/Win32.Seed 20130418
Avast Win32:Pendix-AG [Trj] 20130418
AVG Downloader.Small.25.BV 20130418
BitDefender Generic.Malware.dld!!.CB1A510F 20130418
ByteHero Trojan.Win32.Heur.Gen 20130417
CAT-QuickHeal (Suspicious) - DNAScan 20130418
Commtouch W32/Downloader-Sml!Eldorado 20130418
Comodo Packed.Win32.MFSG.Gen 20130418
DrWeb Trojan.Aphex.85 20130418
Emsisoft Backdoor.Win32.Seed.a (A) 20130418
ESET-NOD32 a variant of Win32/TrojanDownloader.Pendix.C 20130418
F-Prot W32/Downloader-Sml!Eldorado 20130418
F-Secure Generic.Malware.dld!!.CB1A510F 20130418
Fortinet W32/Heuri.A!tr.bdr 20130418
GData Generic.Malware.dld!!.CB1A510F 20130418
Ikarus AdvHeur 20130418
Jiangmin Backdoor/Seed.u 20130418
K7AntiVirus Trojan 20130417
K7GW Trojan 20130417
Kaspersky Backdoor.Win32.Seed.a 20130418
Kingsoft Win32.TrojDownloader.Pendix.a.(kcloud) 20130415
Malwarebytes Trojan.Downloader 20130418
McAfee Downloader.gen.a 20130418
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious-BAY.K 20130418
Microsoft TrojanDownloader:Win32/Small.gen!Z 20130418
eScan Generic.Malware.dld!!.CB1A510F 20130418
NANO-Antivirus Trojan.Win32.Pendix.jfkx 20130418
Norman Suspicious_F.B 20130418
Panda Trj/CI.A 20130418
PCTools Downloader.Generic 20130418
Sophos AV Mal/Behav-290 20130418
SUPERAntiSpyware Trojan.Dropper/Packed 20130418
Symantec Downloader 20130418
TotalDefense Win32/SillyDl.WLR 20130418
TrendMicro Mal_DLDER 20130418
TrendMicro-HouseCall Mal_DLDER 20130418
VBA32 BackDoor.Seed 20130417
VIPRE Trojan-Downloader.Win32.Small!cobra (v) 20130418
ClamAV 20130418
eSafe 20130415
nProtect 20130418
TheHacker 20130418
ViRobot 20130418
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Packers identified
Command FSG
F-PROT FSG
PEiD FSG v2.0 -> bart/xt
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1987-09-11 01:35:02
Entry Point 0x00000154
Number of sections 2
PE sections
PE imports
LoadLibraryA
GetProcAddress
ExifTool file metadata
FileAccessDate
2013:04:18 10:27:02+01:00

FileCreateDate
2013:04:18 10:27:02+01:00

File identification
MD5 29838a6e3b84cb73188717a2e7557df1
SHA1 92e7cef1a859f4972ccbe88ff8def4f3effa207d
SHA256 52517fd727f1bf10e31dcec29c744229c8c762b1e1de039ea498f0f29c53e2ee
ssdeep
12:1sFZK9Wrur1mpLqd2Va8cRQNIc3KP82WG7vfkbnisL:iFIIBViUYtanb

File size 1.4 KB ( 1389 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (61.9%)
Generic Win/DOS Executable (19.0%)
DOS Executable Generic (19.0%)
Targa bitmap (Original TGA Format) (0.0%)
Tags
peexe fsg

VirusTotal metadata
First submission 2013-04-18 09:26:58 UTC ( vor 5 Jahre, 8 Monate )
Last submission 2013-04-18 09:26:58 UTC ( vor 5 Jahre, 8 Monate )
Dateinamen VirusShare_29838a6e3b84cb73188717a2e7557df1
O42NoV.xltx
aa
NL2dbd.inf
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Set keys
Created mutexes
Opened mutexes
Opened service managers
Opened services
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections
UDP communications