SHA256: 2c7b1c7016db7e01a4d2d5e627276f5a1194cbac093e6dedcb38ca2dfb407fb7
File name: 167314
Detection ratio: 11 / 42
Analysis date: 2010-11-17 19:50:54 UTC ( 8 years, 3 months ago )
Antivirus Result Update
AntiVir ADSPY/AdSpy.Gen2 20101117
Avast5 Win32:Zwangi-J 20101117
BitDefender Gen:Variant.Adware.Zwangi.3 20101117
F-Secure Gen:Variant.Adware.Zwangi.3 20101117
GData Gen:Variant.Adware.Zwangi.3 20101117
McAfee Adware-OneStep.b 20101117
NOD32 a variant of Win32/Adware.OneStep.P 20101117
Norman W32/Zwangi.V 20101117
Panda Suspicious file 20101117
Sophos AV Zwangi 20101117
VIPRE Onestepsearch 20101117
AhnLab-V3 20101117
Antiy-AVL 20101117
Avast 20101117
AVG 20101117
CAT-QuickHeal 20101109
ClamAV 20101117
Command 20101117
Comodo 20101117
DrWeb 20101117
Emsisoft 20101117
eSafe 20101116
eTrust-Vet 20101117
F-Prot 20101117
Fortinet 20101117
Ikarus 20101117
Jiangmin 20101117
K7AntiVirus 20101117
Kaspersky 20101117
McAfee-GW-Edition 20101117
Microsoft 20101117
nProtect 20101117
PCTools 20101117
Rising 20101117
SUPERAntiSpyware 20101117
Symantec 20101117
TheHacker 20101117
TrendMicro 20101117
TrendMicro-HouseCall 20101117
VBA32 20101117
ViRobot 20101117
VirusBuster 20101117
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
Authenticode signature block and FileVersionInfo properties
PE header basic information
Number of sections 5
PE sections
PE imports
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
(1 more function(s) imported by ordinal)
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
lstrcmpiA
CopyFileA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
MulDiv
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess
OleInitialize
OleUninitialize
CoCreateInstance
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
ScreenToClient
GetWindowRect
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EndDialog
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
SendMessageTimeoutA
FindWindowExA
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
TrackPopupMenu
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
wsprintfA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
File identification
MD5 9fd91489b2aab10ba3aa499bf814793f
SHA1 a2592cf52dac4afc0e62b489225d249b6e76fd3f
SHA256 2c7b1c7016db7e01a4d2d5e627276f5a1194cbac093e6dedcb38ca2dfb407fb7
ssdeep
12288:b61CXOlCopFuNlPAQjGGzkiSzraIbhg5nkMuUlEFpWCSsDP2C:b6qOUopFu/PYGYicashgBI/WL4p

File size 710.1 KB ( 727176 bytes )
File type unknown
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
Tags
signed

VirusTotal metadata
First submission 2010-11-17 19:50:54 UTC ( 8 years, 3 months ago )
Last submission 2010-11-17 19:50:54 UTC ( 8 years, 3 months ago )
File names 167314