SHA256: 0c4c69747217a8d3e4bf0e28a29c34a68b7d3e53242800876f929fb34b7820b4
File name: 97074EA2168A4ADDFDDEB18EEE1977E8
Detection ratio: 38 / 42
Analysis date: 2011-12-15 18:55:40 UTC ( 7 years, 2 months ago )
Antivirus Result Update
AhnLab-V3 Backdoor/Win32.IRCNite 20111215
AntiVir TR/Spy.ZBot.web 20111215
Antiy-AVL Backdoor/Win32.IRCNite.gen 20111215
Avast Win32:Malware-gen 20111215
AVG BackDoor.Generic13.ADXE 20111215
BitDefender Trojan.Elzob.D 20111215
CAT-QuickHeal Backdoor.IRCNite.ckj 20111214
Commtouch W32/FakeAlert.LD.gen!Eldorado 20111215
Comodo Packed.Win32.MUPX.Gen 20111215
DrWeb Trojan.Rmnet.1 20111215
Emsisoft Trojan-Ransom.Win32.PornoBlocker!IK 20111215
eSafe Win32.Trojan 20111213
eTrust-Vet Win32/Ramnit.U 20111215
F-Prot W32/FakeAlert.LD.gen!Eldorado 20111214
F-Secure Trojan.Elzob.D 20111215
Fortinet W32/Bamital.FA!tr 20111215
GData Trojan.Elzob.D 20111215
Ikarus Trojan-Ransom.Win32.PornoBlocker 20111215
Jiangmin Backdoor/IRCNite.ck 20111215
K7AntiVirus Trojan 20111215
Kaspersky Backdoor.Win32.IRCNite.ckj 20111215
McAfee Artemis!97074EA2168A 20111215
McAfee-GW-Edition Artemis!97074EA2168A 20111215
Microsoft Trojan:Win32/Ramnit.A 20111215
NOD32 Win32/Ramnit.A 20111215
Norman W32/Zbot.WTG 20111215
nProtect Gen:Variant.Kazy.8512 20111215
PCTools Downloader.Lofog 20111215
Rising Suspicious 20111215
Sophos AV Mal/Generic-L 20111215
SUPERAntiSpyware Trojan.Agent/Gen-Krypted 20111215
Symantec Downloader.Lofog!gen2 20111215
TheHacker Backdoor/IRCNite.ckj 20111215
TrendMicro TROJ_KRYPTK.SM12 20111215
TrendMicro-HouseCall TROJ_KRYPTK.SM12 20111215
VBA32 Malware-Cryptor.Win32.General.4.1 20111214
VIPRE Trojan.Win32.Bamital.i (v) 20111215
ViRobot Backdoor.Win32.IRCNite.73076 20111215
ByteHero 20111207
ClamAV 20111215
Prevx 20111215
VirusBuster 20111215
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Packers identified
F-PROT UPX
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-05-30 01:58:54
Entry Point 0x00022900
Number of sections 3
PE sections
PE imports
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2001:05:30 03:58:54+02:00
FileType Win32 EXE
PEType PE32
CodeSize 69632
LinkerVersion 5.2
EntryPoint 0x22900
InitializedDataSize 4096
SubsystemVersion 4.0
ImageVersion 6.2
OSVersion 9.2
UninitializedDataSize 69632

File identification
MD5 97074ea2168a4addfddeb18eee1977e8
SHA1 e58ee29e0858e75490ab1c7efa6e610f822349d2
SHA256 0c4c69747217a8d3e4bf0e28a29c34a68b7d3e53242800876f929fb34b7820b4
ssdeep 1536:M+VdLCjNY9ZrYH/3eUKVVBeGXtF+1ZBJVTUmOq1Nn8i/ClhQI:M+VdGx8MKVVBeUFyZBLUmOG8/2I
File size 72.0 KB ( 73728 bytes )
File type Win32 EXE
Magic literal

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags upx

VirusTotal metadata
First submission 2011-11-17 21:53:01 UTC ( 7 years, 3 months ago )
Last submission 2011-12-15 18:55:40 UTC ( 7 years, 2 months ago )
File names aec66f54a4ef206b5741c39685969db4c08bef6f5219d749e86436ff70c8955fc5bad949bcd1214141913d53ef9b2a44358d9a45bfe2ac7d7f7e193428c3d984
97074EA2168A4ADDFDDEB18EEE1977E8