SHA256: 154ef37a77eccdab31b465fa40b6e208b8954e398c98d9638c9b0d3eef75cb21
File name: ca920bf55e8f6f11e5aa65fd1936cbb44bdda37e
Detection ratio: 11 / 55
Analysis date: 2014-09-19 09:09:41 UTC ( 4 years, 6 months ago )
Antivirus Result Update
AVG ScreenLocker.CSM 20140919
Avira (no cloud) TR/Crypt.ZPACK.84039 20140919
Baidu-International Trojan.Win32.Zbot.CGen 20140919
CMC Trojan.Win32.Krap.2!O 20140918
ESET-NOD32 a variant of Generik.JXDSVTL 20140919
Ikarus Trojan-Spy.Zbot 20140919
Microsoft PWS:Win32/Zbot 20140919
Qihoo-360 HEUR/Malware.QVM20.Gen 20140919
Rising PE:Malware.XPACK-LNR/Heur!1.5594 20140918
Sophos AV Mal/Generic-S 20140919
Symantec Trojan.Gen 20140919
Ad-Aware 20140919
AegisLab 20140919
Yandex 20140918
AhnLab-V3 20140918
Antiy-AVL 20140919
Avast 20140919
AVware 20140919
BitDefender 20140919
Bkav 20140918
ByteHero 20140919
CAT-QuickHeal 20140919
ClamAV 20140918
Comodo 20140919
Cyren 20140919
DrWeb 20140919
Emsisoft 20140919
F-Prot 20140919
F-Secure 20140919
Fortinet 20140919
GData 20140919
Jiangmin 20140918
K7AntiVirus 20140918
K7GW 20140918
Kaspersky 20140919
Kingsoft 20140919
Malwarebytes 20140919
McAfee 20140919
McAfee-GW-Edition 20140919
eScan 20140918
NANO-Antivirus 20140919
Norman 20140919
nProtect 20140919
Panda 20140919
SUPERAntiSpyware 20140919
Tencent 20140919
TheHacker 20140917
TotalDefense 20140918
TrendMicro 20140919
TrendMicro-HouseCall 20140919
VBA32 20140919
VIPRE 20140919
ViRobot 20140919
Zillya 20140919
Zoner 20140919
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright 1 - 1985 - 2008

Publisher CallingID Ltd.
Product B7b336uf9250
Original name v5Z507TB.exe
Internal name v5Z507TB.exe
File version 3.2.9.7
Description of7J12s33384
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-09-17 20:17:29
Entry Point 0x00011510
Number of sections 4
PE sections
Number of PE resources by type
RT_DIALOG 3
R27328 1
RT_VERSION 1
Number of PE resources by language
ENGLISH US 4
BENGALI ARABIC ALGERIA 1
PE resources
File identification
MD5 b31095db72b766ea594cd0ebb64bee2c
SHA1 b54e3fa0e1720d327be9ed2d6498f87c5b253119
SHA256 154ef37a77eccdab31b465fa40b6e208b8954e398c98d9638c9b0d3eef75cb21
ssdeep 12288:Exj82XXUoROdrY+Z7mV9EKtT6LylY8045:gVXXUoROdrY+Z7mV9FtW2lY8045
authentihash 92e9e0f0c1235e712ad96c58192b183352e70587f94650112fab7a8608d0ffbf
imphash 25d3273c1256f89546cf8ab9ebd2eaaf
File size 399.5 KB ( 409088 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe
VirusTotal metadata
First submission 2014-09-18 07:11:36 UTC ( 4 years, 6 months ago )
Last submission 2014-09-19 09:09:41 UTC ( 4 years, 6 months ago )
File names 154ef37a77eccdab31b465fa40b6e208b8954e398c98d9638c9b0d3eef75cb21.exe
v5Z507TB.exe
zazs.exe
ca920bf55e8f6f11e5aa65fd1936cbb44bdda37e
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Deleted files
Created processes
Created mutexes
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
HTTP requests
DNS requests
TCP connections
UDP communications