SHA256: 480c9809c231c45b2801dd2acd2c2ca21068122b53acf3f0b8e57fd0b7026d91
File name: aa
Detection ratio: 24 / 40
Analysis date: 2010-02-18 19:27:01 UTC ( 9 years, 2 months ago )
Antivirus Result Update
a-squared Riskware.AdWare.Win32.BHO!IK 20100218
AhnLab-V3 Win-Trojan/Downloader.197632.J 20100218
AntiVir HEUR/Malware 20100218
Avast Win32:Agent-AHGV 20100218
AVG Downloader.Generic9.ASIQ 20100218
Comodo Heur.Packed.Unknown 20100218
DrWeb BackDoor.Isnap.18 20100218
eSafe Win32.HEURMalware 20100218
Fortinet W32/Genome.AIIN!tr.dldr 20100218
GData Win32:Agent-AHGV 20100218
Ikarus not-a-virus:AdWare.Win32.BHO 20100218
Jiangmin TrojanDownloader.Genome.eud 20100218
K7AntiVirus Trojan.Win32.Malware.1 20100218
Kaspersky Trojan-Downloader.Win32.Genome.aiin 20100217
McAfee Generic Downloader.x!byq 20100218
McAfee+Artemis Generic Downloader.x!byq 20100218
McAfee-GW-Edition Heuristic.Malware 20100218
NOD32 probably a variant of Win32/TrojanDownloader.Delf.PCX 20100218
Norman W32/Downloader 20100218
Panda Trj/CI.A 20100218
PCTools Downloader.Generic 20100217
Sophos AV Mal/Generic-A 20100218
Symantec Downloader 20100218
VBA32 Trojan-Downloader.Win32.Genome.zll 20100218
Antiy-AVL 20100218
Authentium 20100218
BitDefender 20100218
CAT-QuickHeal 20100218
ClamAV 20100218
eTrust-Vet 20100218
F-Prot 20100217
F-Secure 20100218
Microsoft 20100218
nProtect 20100218
Rising 20100211
Sunbelt 20100218
TheHacker 20100218
TrendMicro 20100218
ViRobot 20100218
VirusBuster 20100218
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
RegFlushKey
ImageList_Add
SaveDC
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
LZCopy
OleDraw
VariantCopy
VerQueryValueA
InternetOpenA
File identification
MD5 29d247a3afd948383195e94e6ac30b58
SHA1 eee204cd9adc88559c8da94a973abd0e7f7259cf
SHA256 480c9809c231c45b2801dd2acd2c2ca21068122b53acf3f0b8e57fd0b7026d91
ssdeep 6144:ryx0E/FzC/wEEP3/cbj9kQQPaL8hxx5ZghzaJma/pFWUop:rcZl53qSxaIhxPZQWJm2Po

File size 193.0 KB ( 197632 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
VirusTotal metadata
First submission 2010-02-11 12:38:04 UTC ( 9 years, 2 months ago )
Last submission 2010-02-18 19:27:01 UTC ( 9 years, 2 months ago )
File names lzbCMeA.tiff
aa
G3d65gyaO.xml
Behaviour characterization