× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1c18bd8c65cd12ec06bff9f9762c1b1a9912e8a26b9aee96ed1e56e290b643d4
File name: aa
Detection ratio: 14 / 41
Analysis date: 2010-02-25 22:18:09 UTC ( 8 years, 8 months ago )
Antivirus Result Update
a-squared Trojan-Dropper!IK 20100225
AntiVir TR/Dropper.Gen 20100225
eSafe Win32.TRDropper 20100225
Ikarus Trojan-Dropper 20100225
Kaspersky Trojan-Spy.Win32.Zbot.afol 20100225
McAfee W32/Koobface.worm.gen.ae 20100225
McAfee+Artemis Artemis!C83F518687F1 20100225
McAfee-GW-Edition Trojan.Dropper.Gen 20100225
NOD32 Win32/PSW.Delf.NSR 20100225
Panda Suspicious file 20100225
Sunbelt Trojan.Win32.Generic!BT 20100225
Symantec W32.Koobface.D 20100225
TheHacker Trojan/Delf.nsr 20100225
TrendMicro PAK_Generic.001 20100225
AhnLab-V3 20100225
Antiy-AVL 20100225
Authentium 20100225
Avast 20100225
AVG 20100225
BitDefender 20100225
CAT-QuickHeal 20100225
ClamAV 20100225
Comodo 20100225
DrWeb 20100225
eTrust-Vet 20100225
F-Prot 20100225
F-Secure 20100225
Fortinet 20100225
GData 20100225
Jiangmin 20100225
K7AntiVirus 20100225
Microsoft 20100225
Norman 20100225
nProtect 20100225
PCTools 20100225
Prevx 20100225
Rising 20100211
Sophos AV 20100225
VBA32 20100225
ViRobot 20100225
VirusBuster 20100225
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
1 more function(s) imported by ordinal)
CallWindowProcA
File identification
MD5 c83f518687f1bfd023dd2ee11291067d
SHA1 76c9633095afa17f8e41fd89a4c1c8e527a26f2e
SHA256 1c18bd8c65cd12ec06bff9f9762c1b1a9912e8a26b9aee96ed1e56e290b643d4
ssdeep
3072:Tifs2VBTby0atyXkHb3RWdOQfdNsh0cLuV16Khw5:Ti/nfypQXkH0LoI5

File size 101.5 KB ( 103936 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (43.8%)
Win32 EXE Yoda's Crypter (38.1%)
Win32 Executable Generic (12.2%)
Generic Win/DOS Executable (2.8%)
DOS Executable Generic (2.8%)
VirusTotal metadata
First submission 2010-02-25 13:05:58 UTC ( 8 years, 8 months ago )
Last submission 2010-02-25 22:18:09 UTC ( 8 years, 8 months ago )
File names aa
nZWHF.xdp
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!