× Cookies are disabled! This site requires cookies to be enabled to work properly
VirusTotal
SHA256: 1bfb8c29126767f43597f518593a018353d4f0e605f5fcf8ac7ca95940a38c4d
Detection ratio: 36 / 40
Analysis date: 2010-10-03 05:28:07 UTC ( 8 years, 4 months ago )
Antivirus Result Update
AhnLab-V3 Win32/Flystudio.worm.Gen 20101002
AntiVir TR/Agent.ies 20101001
Authentium W32/Autorun.KA 20101003
Avast Win32:Agent-AJEY 20101003
Avast5 Win32:Agent-AJEY 20101003
AVG Worm/Generic.OUK 20101002
BitDefender Worm.Autorun.VIO 20101002
CAT-QuickHeal Worm.Autorun.dm 20101001
ClamAV Worm.Autorun-1929 20101002
Comodo TrojWare.Win32.TrojanDropper.Agent.~JJB 20101003
DrWeb Win32.HLLW.Autoruner.2859 20101003
eTrust-Vet Win32/SillyAutorun.AIN 20101002
F-Prot W32/Autorun.KA 20101003
F-Secure Worm.Autorun.VIO 20101003
Fortinet W32/Autorun 20101002
GData Win32:Agent-AJEY 20101003
Ikarus Trojan-Dropper.Win32.Flystud 20101002
Jiangmin TrojanDownloader.VB.kbi 20101002
K7AntiVirus Trojan 20101002
Kaspersky Worm.Win32.AutoRun.arif 20101003
McAfee W32/Autorun.worm.dp 20101003
McAfee-GW-Edition W32/Autorun.worm.dp 20101002
Microsoft TrojanDropper:Win32/Silly_P2P.B 20101002
NOD32 Win32/FlyStudio.NET 20101002
nProtect Worm.Autorun.VIO 20101002
Panda Suspicious file 20101002
PCTools Worm.AutoRun!sd5 20101002
Prevx High Risk Cloaked Malware 20101003
Rising Worm.Win32.Agent.vr 20100930
Sophos AV Mal/Generic-L 20101003
Sunbelt Trojan.Win32.Generic!SB.0 20101003
Symantec W32.SillyFDC 20101003
TheHacker W32/AutoRun.arif 20101003
TrendMicro WORM_AUTORUN.BQK 20101003
TrendMicro-HouseCall WORM_AUTORUN.BQK 20101003
VBA32 Trojan.HLLW.Erun.507 20101001
Antiy-AVL 20101003
eSafe 20100930
SUPERAntiSpyware 20101003
ViRobot 20101002
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
Packers identified
PEiD Armadillo v1.71
PE header basic information
Number of sections 6
PE sections
PE imports
[+] kernel32.dll
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
CreateDirectoryA
GetTempPathA
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetStringTypeA
LCMapStringW
LCMapStringA
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeW
[+] user32.dll
MessageBoxA
wsprintfA
File identification
MD5 fea5f50de04937a4107321eb8d6009e7
SHA1 65a9f6260dd7b13c937c1277bb7dd29f47dd16a8
SHA256 1bfb8c29126767f43597f518593a018353d4f0e605f5fcf8ac7ca95940a38c4d
ssdeep
24576:vGvobuvmoCmN4MVVnxLtPxr410aQXIcZ9T7TZ4CHMVKI3KHKLrTRJFY:evovlqRtPxMxQXI89RHRI3KHuTW

File size 1.3 MB ( 1399775 bytes )
File type unknown
Magic literal

TrID Win32 EXE PECompact compressed (generic) (40.9%)
Win32 Executable MS Visual C++ (generic) (37.1%)
Win32 Executable Generic (8.4%)
Win32 Dynamic Link Library (generic) (7.4%)
Clipper DOS Executable (1.9%)
VirusTotal metadata
First submission 2010-10-03 05:28:07 UTC ( 8 years, 4 months ago )
Last submission 2010-10-03 05:28:07 UTC ( 8 years, 4 months ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!
More comments

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

Sign in Join the community
No votes. No one has voted on this item yet, be the first one to do so!
More votes
Blog | Twitter | Contact us | ToS | Privacy policy