× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 45c0c8299b85c17592088a256a5190c2c9138a5b2716612962224eb6bfe07637
File name: 1ee9906c7a8942010791a157bdda4914
Detection ratio: 22 / 46
Analysis date: 2013-03-01 10:16:39 UTC ( 5 years, 8 months ago )
Antivirus Result Update
Yandex Trojan.Qhost!OA1ekhamcqQ 20130228
AntiVir TR/Rootkit.Gen 20130301
Avast Win32:Finkmilt-N [Rtk] 20130301
AVG Generic30.UVQ 20130301
BitDefender Gen:Variant.Zusy.23292 20130301
DrWeb Trojan.Hosts.5268 20130301
ESET-NOD32 Win32/Qhost.OUN 20130301
F-Secure Gen:Variant.Zusy.23292 20130301
Fortinet W32/Kryptic.QHS!tr 20130301
GData Gen:Variant.Zusy.23292 20130301
Ikarus Trojan.WinNT.Qhosts 20130226
Jiangmin Trojan/Generic.bavko 20130301
Kaspersky HEUR:Trojan.Win32.Generic 20130301
Kingsoft Win32.Malware.Generic.a.(kcloud) 20130225
Microsoft Trojan:WinNT/QHosts.B 20130301
eScan Gen:Variant.Zusy.23292 20130301
NANO-Antivirus Trojan.Win32.Qhost.bbuuja 20130301
Norman Suspicious_Gen5.ILDJ 20130228
SUPERAntiSpyware Trojan.Agent/Gen-Hoster 20130301
TheHacker Trojan/Qhost.oun 20130228
TrendMicro TROJ_GEN.R21CDC1 20130301
VIPRE Trojan.Win32.Generic!BT 20130301
AhnLab-V3 20130228
Antiy-AVL 20130228
ByteHero 20130221
CAT-QuickHeal 20130301
ClamAV 20130301
Commtouch 20130301
Comodo 20130301
Emsisoft 20130301
eSafe 20130211
F-Prot 20130301
K7AntiVirus 20130228
Malwarebytes 20130301
McAfee 20130301
McAfee-GW-Edition 20130301
nProtect 20130301
Panda 20130228
PCTools 20130301
Rising 20130228
Sophos AV 20130301
Symantec 20130301
TotalDefense 20130228
TrendMicro-HouseCall 20130301
VBA32 20130228
ViRobot 20130301
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Native subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2004-07-25 00:46:01
Entry Point 0x0000459E
Number of sections 1
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Native

MachineType
Intel 386 or later, and compatibles

TimeStamp
2004:07:25 01:46:01+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
0

LinkerVersion
7.0

EntryPoint
0x459e

InitializedDataSize
0

SubsystemVersion
5.1

ImageVersion
5.1

OSVersion
5.1

UninitializedDataSize
0

File identification
MD5 1ee9906c7a8942010791a157bdda4914
SHA1 c3f8bd68f4ec050490af59bd16c2d979c12b48d6
SHA256 45c0c8299b85c17592088a256a5190c2c9138a5b2716612962224eb6bfe07637
ssdeep
384:vwH2PZ0AegRqlLeASy/DaCnBKxSt4s2/Jb2fiumw4m/gtAsT6/7520VioqGCawuw:1Zh3MB68L06F22fiu6+QG20VioqGKu

File size 27.8 KB ( 28416 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (native) Intel 80386 32-bit

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
Tags
peexe

VirusTotal metadata
First submission 2013-03-01 10:16:39 UTC ( 5 years, 8 months ago )
Last submission 2013-03-01 10:16:39 UTC ( 5 years, 8 months ago )
File names 1ee9906c7a8942010791a157bdda4914
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!