SHA256: 0cd83459964d27f77c48dbf786b605fb476c483a05321336dc8fe9490909d3c1
File name: 3fec532092b41a9945d673b35ba4aefd
Detection ratio: 35 / 42
Analysis date: 2010-12-27 14:21:13 UTC ( 6 years, 2 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Agent.212992.VL 20101227
AntiVir TR/Shakat.O.333 20101227
Antiy-AVL Packed/Win32.Katusha.gen 20101227
Avast Win32:MalOb-EA 20101227
Avast5 Win32:MalOb-EA 20101227
AVG FakeAV.GPF 20101227
BitDefender Trojan.Generic.KD.90926 20101227
CAT-QuickHeal Trojan.Katusha.o 20101227
Command W32/Renos.A!Generic 20101227
Comodo MalCrypt.Indus! 20101227
DrWeb Trojan.DownLoad2.19095 20101227
eTrust-Vet Win32/Renos.D!generic 20101227
F-Prot W32/Renos.A!Generic 20101227
F-Secure Trojan.Generic.KD.90926 20101227
Fortinet W32/Codecpack.700D!tr 20101227
GData Trojan.Generic.KD.90926 20101227
Ikarus Packed.Win32.Katusha 20101227
Jiangmin Packed.Katusha.ase 20101227
K7AntiVirus Virus 20101224
Kaspersky Packed.Win32.Katusha.o 20101227
McAfee Generic.dx!vgs 20101227
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Downloader.H 20101227
Microsoft TrojanDownloader:Win32/Renos.MJ 20101227
NOD32 Win32/TrojanDownloader.FakeAlert.BBT 20101227
Norman W32/Obfuscated.M 20101224
nProtect Trojan/W32.Agent.212992.JV 20101227
Panda Suspicious file 20101226
PCTools Trojan.FakeAV 20101227
Rising Trojan.Win32.Generic.52530514 20101227
Sophos Mal/EncPk-NS 20101227
SUPERAntiSpyware Trojan.Agent/Gen-Fraudera 20101227
Symantec Trojan.FakeAV!gen29 20101227
VBA32 Malware-Cryptor.Limpopo 20101227
VIPRE VirTool.Win32.Obfuscator.hg!b1 (v) 20101227
VirusBuster Trojan.DL.Renos!al/DlyrO68M 20101227
ClamAV 20101227
eSafe 20101226
Prevx 20101227
TheHacker 20101227
TrendMicro 20101227
TrendMicro-HouseCall 20101227
ViRobot 20101227
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright Copyright (c) M S Extrim Edition 2011
Publisher Windows (R) Codename Longhorn DDK provider
Product Extrim Edition Version 2011
Original name Extrim Edition.exe
Internal name Extrim Edition.exe
File version 6.0.7007.1771
Description Windows Setup API
PE header basic information
Number of sections 8
PE sections
PE imports
ChooseColorA
GetSaveFileNameA
FindTextA
GetOpenFileNameA
GetFileTitleA
VirtualQuery
lstrcmpiA
lstrcpynA
ExitThread
GetVersionExA
lstrcmpA
VirtualAllocEx
IsBadReadPtr
WriteFile
WideCharToMultiByte
MulDiv
LocalFree
lstrcpyA
VirtualFree
lstrlenA
MoveFileA
SizeofResource
LocalReAlloc
lstrlenW
lstrcatA
GetModuleHandleW
LoadLibraryA
VirtualAlloc
WaitForSingleObject
GetModuleHandleA
ExitProcess
LocalAlloc
MoveFileExA
GetProcAddress
HeapDestroy
memset
srand
pow
strcmp
CLSIDFromString
WriteClassStm
PropVariantClear
RegisterTypeLib
GetErrorInfo
SHGetSpecialFolderLocation
SHFileOperationA
SHGetDiskFreeSpaceA
RegisterWindowMessageA
RedrawWindow
MessageBoxA
PeekMessageW
PostMessageA
LoadIconA
OffsetRect
PostQuitMessage
PeekMessageA
ReleaseCapture
RemovePropA
LoadStringA
RemoveMenu
SetActiveWindow
SendMessageA
LoadBitmapA
RegisterClassA
PtInRect
MapVirtualKeyA
ReleaseDC
LoadCursorA
MessageBeep
RegisterClipboardFormatA
LoadKeyboardLayoutA
MapWindowPoints
OemToCharA
OpenClipboard
ScrollWindow
SendMessageW
ScreenToClient
GetFileVersionInfoSizeA
ImageList_Write
ImageList_DragShowNolock
ImageList_Add
ImageList_Draw
CreateFontIndirectA
CreatePenIndirect
CreateDIBitmap
SetPixel
SetTextColor
CreatePalette
CreateCompatibleBitmap
GetBitmapBits
SHDeleteValueA
PathGetCharTypeA
PathIsContentTypeA
SHQueryInfoKeyA
SHEnumValueA
SHDeleteKeyA
File identification
MD5 3fec532092b41a9945d673b35ba4aefd
SHA1 ff23cfece87bf9747ae8c7b1810e563cbaec1cdc
SHA256 0cd83459964d27f77c48dbf786b605fb476c483a05321336dc8fe9490909d3c1
ssdeep 3072:hLLFp/ljbCjrL0oNa/rInoUtq1cGZuqMbGTxKI0oWSLvBSq2R7XIbHmSDZX:tnlqj30oAzUtq1cGsM0ILYqw7X7
File size 208.0 KB ( 212992 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-12-20 17:22:30 UTC ( 6 years, 3 months ago )
Last submission 2011-08-28 10:20:36 UTC ( 5 years, 6 months ago )
File names 3fec532092b41a9945d673b35ba4aefd
3FEC532092B41A9945D673B35BA4AEFD