SHA256: 20f7c5fcb7125757a55ad71bb4cef500d07ed0ea29db3f271949c71e344af6df
Detection ratio: 7 / 41
Analysis date: 2010-05-05 20:10:54 UTC ( 8 years, 4 months ago )
Antivirus Result Update
DrWeb Trojan.DownLoader1.7021 20100505
F-Secure Suspicious:W32/Malware!Gemini 20100505
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Downloader.H 20100505
NOD32 Win32/TrojanDownloader.FakeAlert.AQI 20100505
Panda Suspicious file 20100505
Prevx Medium Risk Malware Dropper 20100505
VirusBuster Trojan.Bredolab.Gen!Pac.3 20100505
a-squared 20100505
AhnLab-V3 20100505
AntiVir 20100505
Antiy-AVL 20100505
Authentium 20100505
Avast 20100505
Avast5 20100505
AVG 20100505
BitDefender 20100505
CAT-QuickHeal 20100504
ClamAV 20100505
Comodo 20100505
eSafe 20100505
eTrust-Vet 20100505
F-Prot 20100505
Fortinet 20100505
GData 20100505
Ikarus 20100505
Jiangmin 20100505
Kaspersky 20100505
McAfee 20100505
Microsoft 20100504
Norman 20100505
nProtect 20100505
PCTools 20100505
Rising 20100505
Sophos AV 20100505
Sunbelt 20100505
Symantec 20100505
TheHacker 20100503
TrendMicro 20100505
TrendMicro-HouseCall 20100505
VBA32 20100505
ViRobot 20100505
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
FileVersionInfo properties
Copyright XXBX 2C54 FH1e
Original name XmI96.exe
File version 1.0.0.0
Description S2DqZ URQkAGi
PE header basic information
Number of sections 6
PE sections
PE imports
AdjustTokenPrivileges
AllocateAndInitializeSid
ControlService
CreateServiceA
DeleteService
GetSecurityDescriptorControl
GetTokenInformation
InitializeSecurityDescriptor
LockServiceDatabase
OpenProcessToken
QueryServiceConfig2A
QueryServiceStatus
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegFlushKey
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
SetServiceStatus
StartServiceA
StartServiceCtrlDispatcherA
UnlockServiceDatabase
CompareStringA
CopyFileA
CreateFileA
FlushFileBuffers
GetCommandLineA
GetConsoleOutputCP
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentVariableA
GetFileTime
GetLastError
GetProcAddress
GetTickCount
GetUserDefaultLCID
GetVersion
GetWindowsDirectoryA
IsBadCodePtr
IsValidCodePage
LCMapStringA
LoadLibraryExA
LocalAlloc
LocalFree
SetCurrentDirectoryA
SetUnhandledExceptionFilter
SuspendThread
TlsFree
lstrcmpiA
lstrcpyA
lstrlenA
CharLowerA
CharNextA
ClientToScreen
CreateDialogParamA
CreatePopupMenu
CreateWindowExA
DispatchMessageA
ExitWindowsEx
FillRect
GetActiveWindow
GetClientRect
GetCursorPos
GetDlgItemTextA
GetFocus
GetKeyState
GetMenuItemCount
GetSysColorBrush
GetWindowPlacement
GetWindowTextA
InvalidateRect
KillTimer
LoadIconA
LoadImageA
PostMessageA
PtInRect
SetCapture
SetDlgItemInt
SetRect
SetWindowLongA
SetWindowRgn
UnregisterClassA
wsprintfA
File identification
MD5 d3fd5c7c15e67d3ee09f28351405f2a0
SHA1 f417186bf150e8639c1b769ffb4dd3e53cb235f3
SHA256 20f7c5fcb7125757a55ad71bb4cef500d07ed0ea29db3f271949c71e344af6df
ssdeep 1536:i9ZAGc/1D11kSlVeT7rrI5sz6GaPdvvT3fqGZgUzBu1NZCGqT3otLV:UpjnviNGaFXLr8b03otZ
File size 105.0 KB ( 107520 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (58.2%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.6%)
DOS Executable Generic (13.6%)
VXD Driver (0.2%)
VirusTotal metadata
First submission 2010-05-05 20:10:54 UTC ( 8 years, 4 months ago )
Last submission 2010-05-05 20:10:54 UTC ( 8 years, 4 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight