SHA256: 3bef7abb30fc53f1e8ab0456f82009b99231d843b441756afe13420ca5d7cf03
File name: F99E48E941A5DE0A82303E3617021F4C
Detection ratio: 22 / 43
Analysis date: 2011-07-18 09:42:14 UTC ( 6 years, 4 months ago )
Antivirus Result Update
AhnLab-V3 Backdoor/Win32.PcClient 20110718
AntiVir TR/Dldr.Agent.zbd 20110718
Antiy-AVL Trojan/win32.agent.gen 20110715
Avast Win32:SpyBot-GFX [Trj] 20110718
Avast5 Win32:SpyBot-GFX [Trj] 20110718
AVG Startpage.MUA 20110718
DrWeb Trojan.DownLoader2.11124 20110718
Emsisoft Downloader.Agent!IK 20110718
eSafe Win32.DRAgent.Xzp 20110718
GData Win32:SpyBot-GFX 20110718
Ikarus Downloader.Agent 20110718
Kaspersky Backdoor.Win32.PcClient.eefn 20110718
McAfee Generic BackDoor!cwz 20110718
McAfee-GW-Edition Generic BackDoor!cwz 20110718
NOD32 NSIS/TrojanDownloader.Agent.NCU 20110718
Norman Suspicious_Gen2.AEPHW 20110717
nProtect Backdoor/W32.PcClient.931424 20110717
Panda Suspicious file 20110717
Symantec Adware.ADH 20110718
VBA32 NSIS.TrojanDownloader.Agent.NCU 20110715
VIPRE Trojan.Win32.Generic!BT 20110718
ViRobot Backdoor.Win32.S.PcClient.931424 20110718
BitDefender 20110718
CAT-QuickHeal 20110718
ClamAV 20110718
Commtouch 20110718
Comodo 20110718
eTrust-Vet 20110718
F-Prot 20110718
F-Secure 20110718
Fortinet 20110718
Jiangmin 20110714
K7AntiVirus 20110715
Microsoft 20110718
PCTools 20110713
Prevx 20110718
Rising 20110715
Sophos AV 20110718
SUPERAntiSpyware 20110718
TheHacker 20110718
TrendMicro 20110718
TrendMicro-HouseCall 20110718
VirusBuster 20110717
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW
(1 more function(s) imported by ordinal)
CommDlgExtendedError
GetOpenFileNameA
DeleteObject
CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA
File identification
MD5 f99e48e941a5de0a82303e3617021f4c
SHA1 efaa4e820c0e309801831ef63d4806c3263cfa54
SHA256 3bef7abb30fc53f1e8ab0456f82009b99231d843b441756afe13420ca5d7cf03
ssdeep 24576:dnJVCb9GM9wjVCpo6nZQy7fceEqYwmoBw:dJmGioPy4eTmuw
File size 909.6 KB ( 931424 bytes )
File type Win32 EXE
Magic literal

TrID WinRAR Self Extracting archive (95.7%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Win32 Executable Watcom C++ (generic) (0.4%)
Generic Win/DOS Executable (0.3%)
VirusTotal metadata
First submission 2010-09-21 14:45:04 UTC ( 7 years, 2 months ago )
Last submission 2011-07-18 09:42:14 UTC ( 6 years, 4 months ago )
File names F99E48E941A5DE0A82303E3617021F4C
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight