× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 42ab9a5f2c67a49fb7539918727b93e9170e305673fa84fcf01d702eb508cd2d
File name: aa
Detection ratio: 30 / 40
Analysis date: 2010-04-13 20:26:30 UTC ( 9 years ago )
Antivirus Result Update
a-squared Packed.Win32.Krap!IK 20100413
AntiVir TR/Crypt.XPACK.Gen 20100413
Antiy-AVL Packed/Win32.Krap.gen 20100413
Avast Win32:MalOb-AN 20100413
Avast5 Win32:MalOb-AN 20100413
BitDefender Trojan.Generic.3307368 20100413
CAT-QuickHeal Win32.Packed.Krap.w.4 20100413
ClamAV Trojan.Agent-143677 20100413
Comodo Heur.Suspicious 20100413
DrWeb Trojan.Packed.19647 20100413
eTrust-Vet Win32/QakbotCryptor 20100413
F-Secure Trojan.Generic.3307368 20100413
Fortinet W32/Krap.W 20100412
GData Trojan.Generic.3307368 20100413
Ikarus Packed.Win32.Krap 20100413
Jiangmin Packed.Krap.buia 20100413
Kaspersky Packed.Win32.Krap.w 20100413
McAfee PWS-Zbot.gen.at 20100413
McAfee-GW-Edition Trojan.Crypt.XPACK.Gen 20100413
Microsoft TrojanDownloader:Win32/Gobacker.A 20100413
NOD32 Win32/Agent.QUE 20100413
Norman W32/Crypt.VPE 20100413
Panda W32/Qbot.W.worm 20100413
Prevx Medium Risk Malware 20100413
Sophos AV Mal/Qbot-B 20100413
Sunbelt Trojan.Win32.Generic!BT 20100413
Symantec Trojan.ADH 20100413
TrendMicro TSPY_ZBOT.SMG 20100413
ViRobot Trojan.Win32.Krap.70661 20100413
VirusBuster Trojan.Agent.UFVL 20100413
AhnLab-V3 20100413
Authentium 20100413
AVG 20100413
eSafe 20100413
F-Prot 20100413
nProtect 20100406
PCTools 20100413
Rising 20100413
TheHacker 20100413
VBA32 20100409
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
PatBlt
TextOutW
SetTextColor
GetTextMetricsW
CreateCompatibleBitmap
GetObjectW
GetStockObject
DeleteObject
GetProcessHeap
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
SetEvent
GetModuleHandleW
GetModuleHandleA
LoadLibraryA
MultiByteToWideChar
VirtualFree
GetACP
GetCurrentProcess
GetTickCount
LocalFree
LoadStringW
UpdateLayeredWindow
DestroyWindow
DestroyWindow
GetWindowRect
GetMessageW
GetDlgItem
GetSystemMetrics
PostMessageW
GetSystemMetrics
DefWindowProcW
File identification
MD5 1946171291989170cd7dfdb25762fc97
SHA1 3b5e96b62f689f84eea1ae6319b62f3bd48fa899
SHA256 42ab9a5f2c67a49fb7539918727b93e9170e305673fa84fcf01d702eb508cd2d
ssdeep
768:CfES1fTquJs4QLknU6r/x7zb4Tm/Z5y6uiirxSsjtNDkbPs7QSV/:8ZL44PnUYRmViiVSWrDfQSF

File size 69.0 KB ( 70661 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-02-13 02:02:23 UTC ( 9 years, 2 months ago )
Last submission 2010-04-13 20:26:30 UTC ( 9 years ago )
File names i9f5lMloU.xltx
aa
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!