× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 41c85ca55c212b87d22faada78d89d55fdf905bcdc85147fed6e4df6f4588c16
File name: 38A22F090930297D1FBA24A1B308DAAA
Detection ratio: 43 / 43
Analysis date: 2011-07-17 15:10:35 UTC ( 7 years, 10 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Onlinegamehack.20888.C 20110717
AntiVir TR/PSW.Magania.dmzv 20110715
Antiy-AVL Trojan/Win32.Magania.gen 20110715
Avast Win32:Lolyda-B [Trj] 20110717
Avast5 Win32:Lolyda-B [Trj] 20110717
AVG Dropper.Generic2.AARY 20110717
BitDefender Dropped:Trojan.Generic.4538359 20110717
CAT-QuickHeal Win32.PWS.Dozmot.D.3 20110717
ClamAV Trojan.Spy-73885 20110717
Commtouch W32/OnlineGames.A.gen!GSA 20110717
Comodo TrojWare.Win32.Agent.gnim 20110717
DrWeb Trojan.PWS.Gamania.27586 20110717
Emsisoft Virus.Win32.Lolyda!IK 20110717
eSafe Win32.TRPSW.Magania 20110714
eTrust-Vet Win32/Dozmot.AO 20110715
F-Prot W32/OnlineGames.A.gen!GSA 20110717
F-Secure Dropped:Trojan.Generic.4538359 20110717
Fortinet W32/Dropper.XW!tr 20110717
GData Dropped:Trojan.Generic.4538359 20110717
Ikarus Virus.Win32.Lolyda 20110717
Jiangmin Trojan/Generic.ahgh 20110714
K7AntiVirus Riskware 20110715
Kaspersky Trojan-GameThief.Win32.Emelent.ol 20110717
McAfee Artemis!38A22F090930 20110717
McAfee-GW-Edition Artemis!38A22F090930 20110716
Microsoft PWS:Win32/Dozmot.D 20110717
NOD32 Win32/TrojanDropper.Agent.ORH 20110717
Norman W32/Magania.GZ 20110717
nProtect Trojan-PWS/W32.WebGame.20888 20110717
Panda Trj/Lineage.LNC 20110717
PCTools Trojan-PSW.Gampass 20110713
Prevx Medium Risk Malware 20110717
Rising Trojan.Win32.Generic.12418CE2 20110715
Sophos AV Mal/PWS-AS 20110717
SUPERAntiSpyware Trojan.Agent/Gen-OnlineGames 20110717
Symantec Infostealer.Gampass 20110717
TheHacker Trojan/Dropper.Agent.orh 20110717
TrendMicro TSPY_DOZMOT.SMC 20110717
TrendMicro-HouseCall TSPY_DOZMOT.SMC 20110717
VBA32 TrojanDropper.Agent.orh 20110715
VIPRE BehavesLike.Win32.Malware.dah (mx-v) 20110717
ViRobot Trojan.Win32.PSWEmelent.20888.A 20110717
VirusBuster Trojan.DR.Dozmot.Gen 20110716
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 3
PE sections
PE imports
RegEnumKeyA
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
EnumProcessModules
wsprintfA
File identification
MD5 38a22f090930297d1fba24a1b308daaa
SHA1 33d3d2a60a2211703c273b97ceb796b2fb5f24b4
SHA256 41c85ca55c212b87d22faada78d89d55fdf905bcdc85147fed6e4df6f4588c16
ssdeep
384:0ikYsVMZ1B6pTo2gHD/sNeoacTaNpI4rWokM3shweGPNIie+:ZGVEB6pEP7sdaNpiayPkSih

File size 20.4 KB ( 20888 bytes )
File type Win32 EXE
Magic literal

TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
Tags
upx

VirusTotal metadata
First submission 2010-09-07 13:38:32 UTC ( 8 years, 8 months ago )
Last submission 2011-07-17 15:10:35 UTC ( 7 years, 10 months ago )
File names GD6vVF9.xltm
smona130674256153861280658
Bdhz7vP.lnk
aa
38A22F090930297D1FBA24A1B308DAAA
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!