SHA256: 269505c7dec0bc4fbc2891689435a11e8fb436ab36d26cd6f7a1f7dc734634ae
File name: aa
Detection ratio: 7 / 39
Analysis date: 2010-04-10 00:07:18 UTC ( 8 years, 10 months ago )
Antivirus Result Update
BitDefender Trojan.Renos.PCT 20100409
DrWeb Trojan.DownLoader1.4695 20100409
GData Trojan.Renos.PCT 20100409
NOD32 a variant of Win32/Kryptik.DOR 20100409
Panda Suspicious file 20100409
Prevx Medium Risk Malware Dropper 20100410
Sophos AV Mal/FakeAV-CX 20100409
a-squared 20100409
AhnLab-V3 20100409
AntiVir 20100409
Antiy-AVL 20100409
Authentium 20100409
Avast 20100409
Avast5 20100409
AVG 20100409
CAT-QuickHeal 20100409
ClamAV 20100409
Comodo 20100409
eSafe 20100408
eTrust-Vet 20100409
F-Prot 20100409
F-Secure 20100409
Fortinet 20100408
Ikarus 20100409
Jiangmin 20100409
Kaspersky 20100409
McAfee-GW-Edition 20100409
Microsoft 20100409
Norman 20100409
nProtect 20100406
PCTools 20100409
Rising 20100409
Sunbelt 20100409
Symantec 20100409
TheHacker 20100409
TrendMicro 20100409
VBA32 20100409
ViRobot 20100409
VirusBuster 20100409
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
FindTextA
GetOpenFileNameA
GetDIBColorTable
BitBlt
CreateDIBitmap
GetObjectA
SelectPalette
RestoreDC
SetEndOfFile
lstrcpynA
GetModuleHandleA
GetStringTypeW
SetThreadLocale
FindResourceA
ExitThread
FormatMessageA
GetOEMCP
GetProcAddress
GetDateFormatA
GetCurrentProcess
SetHandleCount
GetLocaleInfoA
lstrcpyA
HeapDestroy
GetLastError
FindFirstFileA
GetVersionExA
VirtualAllocEx
GetEnvironmentStrings
GetCurrentThread
EnumCalendarInfoA
WriteFile
GetLocalTime
GetACP
CompareStringA
FreeLibrary
GetFileSize
lstrlenA
GetCommandLineA
GetCPInfo
FindClose
HeapFree
GetCurrentProcessId
GlobalAlloc
CloseHandle
CreateThread
RaiseException
LoadLibraryExA
Sleep
ResetEvent
GetVersion
LocalFree
lstrcmpA
GetFileAttributesA
GetStdHandle
WideCharToMultiByte
HeapAlloc
GetStringTypeA
VirtualQuery
VirtualFree
GetCurrentThreadId
ReadFile
CreateFileA
GetProcessHeap
LoadLibraryA
LoadResource
GetFullPathNameA
DeleteCriticalSection
GlobalAddAtomA
SetFilePointer
LocalReAlloc
LocalAlloc
FreeResource
GlobalFindAtomA
GetSystemDefaultLangID
SetErrorMode
GetStartupInfoA
GetFileType
MoveFileA
MoveFileExA
MulDiv
GetTickCount
GetModuleFileNameA
SetLastError
ExitProcess
DeleteFileA
GlobalDeleteAtom
LockResource
GetThreadLocale
WaitForSingleObject
VirtualAlloc
CreateEventA
GetUserDefaultLCID
SetEvent
swprintf
wcscspn
rand
exp
strcmp
atol
log
memcpy
calloc
memmove
ReleaseStgMedium
GetHGlobalFromStream
CoUninitialize
CoGetObjectContext
PropVariantClear
CoGetMalloc
StgOpenStorage
VariantCopyInd
SysStringLen
VariantChangeType
SafeArrayGetUBound
SafeArrayGetElement
SysAllocStringLen
SysReAllocStringLen
SafeArrayUnaccessData
SafeArrayPtrOfIndex
PathFileExistsA
SHDeleteValueA
SHGetValueA
SHQueryInfoKeyA
SHQueryValueExA
PathIsDirectoryA
IsChild
DefFrameProcA
EnumThreadWindows
GetPropA
GetParent
IsWindowEnabled
EnableMenuItem
EndPaint
CallNextHookEx
DefWindowProcA
GetSysColorBrush
EnableWindow
GetDC
RegisterClassA
GetWindow
EndDeferWindowPos
EqualRect
CreatePopupMenu
GetLastActivePopup
GetScrollPos
GetCapture
GetForegroundWindow
MessageBoxA
GetSubMenu
ShowScrollBar
GetMenuState
GetKeyState
SetWindowTextA
SystemParametersInfoA
GetKeyNameTextA
GetScrollRange
FrameRect
DispatchMessageA
GetClipboardData
GetMenu
EnumChildWindows
DrawTextA
BeginPaint
CharLowerBuffA
GetFocus
GetDCEx
CallWindowProcA
CreateMenu
GetClassInfoA
DrawMenuBar
GetDesktopWindow
GetScrollInfo
GetMenuItemCount
SetTimer
CharLowerA
CharNextA
CreateWindowExA
DrawEdge
GetClientRect
GetCursor
GetMenuItemID
HideCaret
SetCursor
DrawIconEx
GetActiveWindow
EnumWindows
FindWindowA
GetIconInfo
GetSysColor
IsMenu
EnableScrollBar
SetWindowLongA
BeginDeferWindowPos
TrackPopupMenu
GetWindowTextA
IsWindowVisible
CreateIcon
DrawFrameControl
ShowWindow
SetWindowPos
ClientToScreen
GetMessagePos
CharToOemA
VerInstallFileA
VerFindFileA
GetFileVersionInfoA
File identification
MD5 3e493899a927dbbf65d82ff0e18d6177
SHA1 42909f46ecab6323198e065073e5f68124b7510f
SHA256 269505c7dec0bc4fbc2891689435a11e8fb436ab36d26cd6f7a1f7dc734634ae
ssdeep
1536:NpOCamqHmKQYuUdxQ0EKFzm+cbn7iC79T7hXWLNK/IejaISxTlYinh:NpXavQXoxQZKBm+u7Z7VdGLNK/IHxTa

File size 98.0 KB ( 100352 bytes )
File type unknown
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (60.8%)
Win32 Executable Generic (13.7%)
Win32 Dynamic Link Library (generic) (12.2%)
Win16/32 Executable Delphi generic (3.3%)
Clipper DOS Executable (3.2%)
VirusTotal metadata
First submission 2010-04-10 00:02:18 UTC ( 8 years, 10 months ago )
Last submission 2010-04-10 00:07:18 UTC ( 8 years, 10 months ago )
File names EI4udwF.tar
aa