SHA256: 25997959ef107ebd993c9fed532520eda2d7d5bbd4f11619bec588907fe8bd95
File name: DCBE52DB6E6238A46101EE47CDB1B3E8
Detection ratio: 35 / 43
Analysis date: 2011-08-14 15:02:21 UTC ( 7 years, 2 months ago )
Antivirus Result Update
AhnLab-V3 Worm/Win32.Butibrot 20110814
AntiVir TR/Spy.Agent.qyb 20110812
Avast Win32:Malware-gen 20110814
Avast5 Win32:Malware-gen 20110814
AVG Dropper.Generic_c.KNQ 20110814
BitDefender MemScan:Trojan.Loader.AZ 20110814
ClamAV PUA.Packed.Themida-1 20110813
Commtouch W32/MalwareF.XVL 20110813
Comodo Worm.Win32.P2P-Worm.Butibrot.iw 20110814
DrWeb Trojan.Packed.2362 20110814
Emsisoft Backdoor.Win32.Bifrose!IK 20110814
eSafe Win32.Horse 20110810
F-Prot W32/MalwareF.XVL 20110813
F-Secure MemScan:Trojan.Loader.AZ 20110814
GData MemScan:Trojan.Loader.AZ 20110814
Ikarus Backdoor.Win32.Bifrose 20110814
Jiangmin TrojanDropper.VB.eso 20110813
K7AntiVirus P2PWorm 20110812
Kaspersky P2P-Worm.Win32.Butibrot.iw 20110814
McAfee Generic.dx!ngf 20110814
McAfee-GW-Edition Generic.dx!ngf 20110814
Microsoft VirTool:Win32/VBInject.gen!Q 20110814
NOD32 a variant of Win32/Injector.JH 20110814
Norman Shark.gen1.dropper 20110812
nProtect Worm/W32.Butibrot.894079 20110814
Panda Trj/Thed.A 20110814
PCTools Trojan.Generic 20110814
Sophos AV Mal/Sparow-A 20110814
SUPERAntiSpyware Trojan.Agent/Gen 20110813
Symantec Trojan Horse 20110814
TrendMicro TROJ_HAHA.B 20110814
TrendMicro-HouseCall TROJ_HAHA.B 20110814
VIPRE Trojan.Win32.Generic.pak!cobra 20110814
ViRobot Worm.Win32.S.P2P-Butibrot.894079 20110814
VirusBuster Worm.P2P.Butibrot!aQKJ7GSZOho 20110814
Antiy-AVL 20110814
CAT-QuickHeal 20110813
eTrust-Vet 20110812
Fortinet 20110814
Prevx 20110814
Rising 20110812
TheHacker 20110813
VBA32 20110813
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
(1 more function(s) imported by ordinal)
DeleteObject
CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenFile
ReadFile
SetCurrentDirectoryA
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
SetVolumeLabelA
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
_lclose
lstrcmpiA
lstrlenA
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
CharLowerA
CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA
File identification
MD5 dcbe52db6e6238a46101ee47cdb1b3e8
SHA1 506a641febfd916f710db253fc93f6937189059c
SHA256 25997959ef107ebd993c9fed532520eda2d7d5bbd4f11619bec588907fe8bd95
ssdeep 12288:w3xyI0W0/3sGbAR3ga98zrmejak+cGodouF4dxGj3ztazrqOz+XVN:w3f0/1b0mjQvolFjVIgN

File size 873.1 KB ( 894079 bytes )
File type Win32 EXE
Magic literal

TrID WinRAR Self Extracting archive (96.2%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Generic Win/DOS Executable (0.3%)
DOS Executable Generic (0.3%)
VirusTotal metadata
First submission 2010-02-07 22:07:42 UTC ( 8 years, 8 months ago )
Last submission 2011-08-14 15:02:21 UTC ( 7 years, 2 months ago )
File names Y3SoRpYkaz.tgz
DCBE52DB6E6238A46101EE47CDB1B3E8