SHA256: 3ba4efb8ccfad179861577103c09e0b66154b0e12c1f727c5b517810b5efd40d
File name: F7126BF981E6CED1585489B3B9500E44
Detection ratio: 36 / 42
Analysis date: 2011-07-16 05:36:51 UTC ( 7 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Koblu.68608.P 20110715
AntiVir TR/Koblu.dhz 20110715
Avast Win32:Malware-gen 20110715
Avast5 Win32:Malware-gen 20110715
AVG Generic17.CCLI 20110715
BitDefender Trojan.Generic.KD.12509 20110716
CAT-QuickHeal Trojan.Koblu.dhz 20110715
Commtouch W32/MalwareF.HIAQ 20110716
Comodo TrojWare.Win32.Koblu.D 20110716
Emsisoft Trojan.Win32.Koblu!IK 20110716
F-Prot W32/MalwareF.HIAQ 20110715
F-Secure Trojan:W32/Agent.DIYW 20110716
Fortinet W32/Koblu.A!tr 20110716
GData Trojan.Generic.KD.12509 20110716
Ikarus Trojan.Win32.Koblu 20110716
Jiangmin Trojan/Koblu.yu 20110714
K7AntiVirus Riskware 20110715
Kaspersky Trojan.Win32.Koblu.dhz 20110716
McAfee Refpron.gen.q 20110716
McAfee-GW-Edition Refpron.gen.q 20110716
Microsoft Trojan:Win32/Sopiclick.A 20110715
NOD32 Win32/Refpron.IW 20110716
Norman W32/Refpron.CNZ 20110715
nProtect Gen:Variant.Refpron.3 20110715
Panda Trj/Genetic.gen 20110715
PCTools Trojan.Gen 20110713
Sophos AV Mal/Koblu-D 20110716
SUPERAntiSpyware Trojan.Agent/Gen-Virut[SK] 20110715
Symantec Trojan.Gen 20110716
TheHacker Trojan/Koblu.dhz 20110716
TrendMicro TROJ_REFPRON.SMF 20110716
TrendMicro-HouseCall TROJ_REFPRON.SMF 20110716
VBA32 SScope.Trojan-Downloader.072 20110715
VIPRE Trojan.Win32.Sopiclick.a (v) 20110716
ViRobot Trojan.Win32.Koblu.68608.A 20110716
VirusBuster Trojan.Koblu!o3MBWLHeegk 20110715
Antiy-AVL 20110715
ClamAV 20110716
eSafe 20110714
eTrust-Vet 20110715
Prevx 20110716
Rising 20110715
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Packers identified
PEiD BobSoft Mini Delphi -> BoB / BobSoft
PE header basic information
Number of sections 8
PE sections
PE imports
GetCurrentThreadId
ExitProcess
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetSystemTime
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
LoadLibraryExA
GetProcAddress
File identification
MD5 f7126bf981e6ced1585489b3b9500e44
SHA1 54f13a206a490425592ab7fda12673a53915be7b
SHA256 3ba4efb8ccfad179861577103c09e0b66154b0e12c1f727c5b517810b5efd40d
ssdeep
768:NBOpA8pdDz0tEmKfgaL1X2p/iVbZX3eG0QCIevDb3XY2+ry1BMRaNin2mmcoLvL5:HoNgow/KVeGgv/nH+FaNin8xMSKJK24

File size 67.0 KB ( 68608 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
VirusTotal metadata
First submission 2010-05-17 17:33:10 UTC ( 8 years, 8 months ago )
Last submission 2011-07-16 05:36:51 UTC ( 7 years, 6 months ago )
File names IJaERCq.7z
o6OV.com
aa
F7126BF981E6CED1585489B3B9500E44