SHA256: 11102de13d7d72db69f11e405f2f909273f41368b5182359e1fa34f1b59c5eb3
File name: BF913DEC00EAEB78E0380BD362BB5E0006AE0A67.exe
Detection ratio: 14 / 41
Analysis date: 2009-11-20 14:08:47 UTC ( 8 years, 7 months ago )
Antivirus Result Update
a-squared Trojan-Downloader.Win32.Bagle!IK 20091120
Authentium W32/Themida_Packed!Eldorado 20091119
CAT-QuickHeal (Suspicious) - DNAScan 20091120
F-Prot W32/Themida_Packed!Eldorado 20091120
Fortinet W32/Packed.B 20091120
Ikarus Trojan-Downloader.Win32.Bagle 20091120
Kaspersky Trojan-Downloader.Win32.Bagle.bua 20091120
McAfee+Artemis Artemis!2D12CB0C1FBE 20091119
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.J 20091120
Microsoft TrojanDownloader:Win32/Bagle.gen!A 20091120
NOD32 Win32/Bagle.TC 20091120
Prevx Medium Risk Malware 20091120
Sophos AV Sus/ComPack-C 20091120
Sunbelt Backdoor.Win32.Ircbot.gen (v) 20091119
AhnLab-V3 20091119
AntiVir 20091120
Antiy-AVL 20091120
Avast 20091120
AVG 20091120
BitDefender 20091120
ClamAV 20091120
Comodo 20091119
DrWeb 20091120
eSafe 20091119
eTrust-Vet 20091120
F-Secure 20091120
GData 20091120
Jiangmin 20091120
K7AntiVirus 20091119
McAfee 20091119
Norman 20091120
nProtect 20091120
Panda 20091120
PCTools 20091120
Rising 20091120
Symantec 20091120
TheHacker 20091119
TrendMicro 20091120
VBA32 20091120
ViRobot 20091120
VirusBuster 20091119
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 5
PE sections
PE imports
CompareStringW
File identification
MD5 2d12cb0c1fbe948c69a8a10e3fcfa447
SHA1 f68f3064c2fd0dfbf49cacd5acaac45f60a0572b
SHA256 11102de13d7d72db69f11e405f2f909273f41368b5182359e1fa34f1b59c5eb3
ssdeep
12288:QDZ610/KSPxnylZrxC1/z2Jhb6Tmtj2bwF0s8iS3KXYYIkm+3lJK/WP3HOlYvOPF:QDo1S1Yh4JCJhb6Tmtj2biP8qXYYTpf8

File size 760.0 KB ( 778240 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
themida

VirusTotal metadata
First submission 2009-11-19 22:34:35 UTC ( 8 years, 7 months ago )
Last submission 2011-10-09 04:27:32 UTC ( 6 years, 8 months ago )
File names ctP8GUH.docx
aa
file.ex#