× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 3a9dce5eea535415fadb3b7946b504d7e9d8bfc2890a38a94fa8265a59471c04
File name: aa
Detection ratio: 40 / 43
Analysis date: 2010-10-23 22:17:01 UTC ( 7 years, 8 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Agent.24206 20101023
AntiVir TR/Agent.VB.AB 20101022
Antiy-AVL Worm/Win32.Kolab.gen 20101023
Authentium W32/Kolab.AO 20101023
Avast Win32:Malware-gen 20101023
Avast5 Win32:Malware-gen 20101023
AVG Worm/Generic.BSCA 20101023
BitDefender Worm.Generic.272101 20101024
CAT-QuickHeal Trojan.Agent.gen 20101022
ClamAV Worm.Kolab-606 20101023
Comodo UnclassifiedMalware 20101023
DrWeb BackDoor.IRC.Sdbot.6672 20101023
Emsisoft Net-Worm.Win32.Kolab!IK 20101023
F-Prot W32/Kolab.AO 20101023
F-Secure Worm.Generic.272101 20101023
Fortinet W32/Dropper.VBD!tr 20101023
GData Worm.Generic.272101 20101023
Ikarus Net-Worm.Win32.Kolab 20101023
Jiangmin Worm/Kolab.anj 20101023
K7AntiVirus EmailWorm 20101022
Kaspersky Net-Worm.Win32.Kolab.kse 20101023
McAfee W32/Spybot.worm!dy 20101023
McAfee-GW-Edition W32/Spybot.worm!dy 20101023
Microsoft Trojan:Win32/Dynamer!dtc 20101023
NOD32 Win32/AutoRun.IRCBot.DL 20101023
Norman W32/Kolab.JV 20101023
nProtect Worm/W32.Kolab.204800.E 20101023
Panda W32/Gaobot.OXI.worm 20101023
PCTools Trojan.IRCBot!rem 20101023
Prevx High Risk Cloaked Malware 20101024
Rising Trojan.Win32.Generic.522D1A5B 20101022
Sophos AV Mal/Generic-L 20101023
Sunbelt Trojan.Win32.Generic!BT 20101023
Symantec W32.IRCBot 20101023
TheHacker Trojan/AutoRun.IRCBot.dl 20101023
TrendMicro TROJ_GEN.F4AE1HS 20101023
TrendMicro-HouseCall TROJ_GEN.USEHJ22 20101024
VBA32 Worm.Kolab.kse 20101022
ViRobot Worm.Win32.Net-Kolab.204800 20101023
VirusBuster Worm.Kolab.DXI 20101023
eSafe 20101021
eTrust-Vet 20101022
SUPERAntiSpyware 20101023
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Copyright
dsakOKAsoasfasioAPSLapskl

Publisher asdas56d4as5d4a5s6d4as56dasd
Product dsakOKAsoasfasioAPSLapskl
Original name newP0.bin
Internal name newP0
File version 4.04.0002
Description dsakOKAsoasfasioAPSLapskl
Comments sadjIOAJsOsjosjidoasdaasd
PE header basic information
Number of sections 3
PE sections
PE imports
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
4 more function(s) imported by ordinal)
File identification
MD5 10c8f29097da4856805a71e2fd0272e9
SHA1 2f8c635f4567cfabf87f4c985dbd8e5f1b65d73a
SHA256 3a9dce5eea535415fadb3b7946b504d7e9d8bfc2890a38a94fa8265a59471c04
ssdeep
3072:DZQEl3ZK2pboA1kbrx1bE+r1C4+RWRdAz2R+tzRqClQEl3ZK2pboa1kbrh:DyEl3ZK2b1Yrx1F1LAC+MEl3ZK2T1Yr

File size 200.0 KB ( 204800 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-08-23 01:36:21 UTC ( 7 years, 10 months ago )
Last submission 2010-10-23 22:17:01 UTC ( 7 years, 8 months ago )
File names aa
7PSv.ocx
mGEp3rph.cpl
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!