× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1731250ea06509e6d6ce4a01e000faa58b35e40f87d32fc41131b019219a3c38
File name: amprp.pif
Detection ratio: 50 / 55
Analysis date: 2014-08-23 13:59:30 UTC ( 4 years ago )
Antivirus Result Update
Ad-Aware Trojan.SalityStub.A 20140823
Yandex Win32.Sality.BL 20140822
AhnLab-V3 Win32/Kashu.E 20140823
AntiVir W32/Sality.AT 20140823
Antiy-AVL Virus/Win32.Sality.gen 20140823
Avast Win32:Sality 20140823
AVG Win32/Sality.dropper 20140823
AVware Virus.Win32.Sality.at (v) 20140823
Baidu-International Virus.Win32.Sality.$Emu 20140823
BitDefender Trojan.SalityStub.A 20140823
Bkav W32.Sality.PE 20140821
ByteHero Virus.Win32.Heur.d 20140823
CAT-QuickHeal W32.Sality.U 20140823
ClamAV Trojan.Agent-168681 20140823
Commtouch W32/Sality.gen2 20140823
Comodo Virus.Win32.Sality.Gen 20140823
DrWeb Win32.Sector.31 20140823
Emsisoft Trojan.SalityStub.A (B) 20140823
ESET-NOD32 Win32/Sality 20140823
F-Prot W32/Sality.gen2 20140823
F-Secure Trojan.SalityStub.A 20140823
Fortinet W32/LPECrypt.A!tr 20140823
GData Trojan.SalityStub.A 20140823
Ikarus Virus.Win32.Sality 20140823
Jiangmin Win32/HLLP.Kuku.Gen1 20140822
K7AntiVirus Trojan ( 001e7bc71 ) 20140822
K7GW Trojan ( 001e7bc71 ) 20140822
Kaspersky Virus.Win32.Sality.gen 20140823
Malwarebytes Trojan.Malpack.Gen 20140823
McAfee W32/Sality.gen.z 20140823
Microsoft Virus:Win32/Sality.AT 20140823
eScan Trojan.SalityStub.A 20140823
NANO-Antivirus Virus.Win32.Sality.beygb 20140823
nProtect Virus/W32.Sality.D 20140822
Panda W32/Sality.AK.drp 20140823
Qihoo-360 Trojan.Win32.SalityStub.A 20140823
Rising PE:Trojan.Win32.KUKU.a!1075333286 20140823
Sophos AV Troj/SalLoad-C 20140823
SUPERAntiSpyware Trojan.Agent/Gen-CDesc[LordPE] 20140823
Symantec W32.Sality!dr 20140823
Tencent Trojan.Win32.SalityStub.a 20140823
TheHacker W32/Sality.gen 20140822
TotalDefense Win32/Sality.AA 20140823
TrendMicro PE_SALITY.RL-O 20140823
TrendMicro-HouseCall PE_SALITY.RL-O 20140823
VBA32 Virus.Win32.Sality.bakc 20140822
VIPRE Virus.Win32.Sality.at (v) 20140823
ViRobot Win32.Sality.N.Host 20140823
Zillya Virus.Sality.Win32.17 20140822
Zoner Win32.Sality 20140822
AegisLab 20140823
CMC 20140822
Kingsoft 20140823
McAfee-GW-Edition 20140823
Norman 20140823
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-02-10 13:15:37
Entry Point 0x00001040
Number of sections 1
PE sections
File identification
MD5 71414676905749c5e5811cc638f4e312
SHA1 478ef21002a353d8b6f13b202d946786385e34bb
SHA256 1731250ea06509e6d6ce4a01e000faa58b35e40f87d32fc41131b019219a3c38

imphash 14610dd0ebbc796a9a3a2ba2cdd24e79
File size 100.7 KB ( 103140 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID DOS Executable Generic (100.0%)

VirusTotal metadata
First submission 2014-08-23 13:59:30 UTC ( 4 years ago )
Last submission 2014-08-23 13:59:30 UTC ( 4 years ago )
File names amprp.pif
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Copied files
Deleted files
Code injections in the following processes
Created mutexes
Opened mutexes
Searched windows
Opened service managers
Opened services
Runtime DLLs
HTTP requests
DNS requests
TCP connections
UDP communications