SHA256: 305d4f81d8676d26f19df273f77599c935d2077c9ba0a6e19c88d8d18bef89f5
File name: a6a94d75edf6b362b0fea858b0f3537c
Detection ratio: 37 / 42
Analysis date: 2011-06-27 16:02:32 UTC ( 2 years, 10 months ago )
Antivirus Result Update
AVG SHeur2.BTNH 20110627
AhnLab-V3 Win32/Palevo1.worm.Gen 20110626
AntiVir TR/Crypt.ZPACK.Gen 20110627
Antiy-AVL Worm/Win32.Palevo.gen 20110626
Avast Win32:Trojan-gen 20110627
Avast5 Win32:Trojan-gen 20110627
BitDefender Trojan.Generic.2885157 20110627
CAT-QuickHeal I-Worm.Palevo.koh 20110627
ClamAV Worm.Palevo-833 20110627
Commtouch W32/Worm.AXQG 20110627
DrWeb Win32.HLLW.Lime.52 20110627
F-Prot W32/Worm.AXQG 20110626
F-Secure Worm:W32/Palevo.gen!E 20110627
Fortinet W32/Kryptik.ANR!tr 20110627
GData Trojan.Generic.2885157 20110627
Ikarus P2P-Worm.Win32.Palevo 20110627
Jiangmin Worm/Palevo.iqi 20110627
K7AntiVirus EmailWorm 20110624
Kaspersky P2P-Worm.Win32.Palevo.crxu 20110627
McAfee Generic Dropper.xj 20110627
McAfee-GW-Edition Generic Dropper.xj 20110627
Microsoft Worm:Win32/Rimecud.A 20110627
NOD32 a variant of Win32/Kryptik.BDR 20110627
Norman W32/Suspicious_Gen2.MQCTR 20110625
PCTools Malware.Pilleuz 20110627
Panda Adware/AccesMembre 20110627
Rising Suspicious 20110627
Sophos Mal/Palevo-A 20110627
Symantec W32.Pilleuz!gen13 20110627
TheHacker W32/Rimecud.gen 20110627
TrendMicro WORM_PALEVO.SMEP 20110627
TrendMicro-HouseCall WORM_PALEVO.SMEP 20110627
VBA32 SScope.Trojan.FakeAV.0997 20110627
VIPRE Worm.Win32.Rimecud.a (v) 20110627
ViRobot Worm.Win32.P2P-Palevo.124928.J 20110627
VirusBuster Worm.P2P.Palevo!y8S4HO+D+h4 20110627
nProtect Worm/W32.Palevo.124928.J 20110627
Comodo 20110627
Prevx 20110627
SUPERAntiSpyware 20110627
eSafe 20110627
eTrust-Vet 20110627
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Authenticode signature block
Copyright aAMdAyUgY
Publisher Qf03yt6h1
Product 3cvNv8pkC
Original name oE755wzZD
Internal name xubzDEUml
File version kvG0bBBHv
Description wHqHm2FHJ
PE header basic information
Number of sections 5
PE sections
PE imports
ExcludeClipRect
GetClipBox
GetDCOrgEx
GetObjectA
SetViewportOrgEx
TextOutA
CreateFileMappingA
ExitProcess
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
InterlockedIncrement
IsDebuggerPresent
LoadLibraryA
VirtualAlloc
VirtualFree
DragQueryFile
DragQueryPoint
Shell_NotifyIconA
ClientToScreen
EndDialog
EndPaint
GetKeyState
GetParent
SetWindowLongA
SetWindowPos
SetWindowTextA
File identification
MD5 a6a94d75edf6b362b0fea858b0f3537c
SHA1 81eaef45fddf92529e02531fea84e2dfe6f3207f
SHA256 305d4f81d8676d26f19df273f77599c935d2077c9ba0a6e19c88d8d18bef89f5
ssdeep 3072:KSCFOXl3VRcrm/VfCJ1c4ktVLcb6r6udOoApaEXVpTkog:K76Eqfo1cht2b6WuddAcEXgr

File size 122.0 KB ( 124928 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (38.3%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
VirusTotal metadata
First submission 2011-06-27 16:02:32 UTC ( 2 years, 10 months ago )
Last submission 2011-07-01 01:19:02 UTC ( 2 years, 9 months ago )
File names a6a94d75edf6b362b0fea858b0f3537c