× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 483ab4df269978f2e4b812fdf2fedb1c6516f3be92306fc85b238a36d016f29b
File name: aa
Detection ratio: 3 / 39
Analysis date: 2010-04-10 09:20:27 UTC ( 7 years, 8 months ago )
Antivirus Result Update
Kaspersky Trojan.Win32.Vilsel.abcv 20100410
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Obfuscated.H 20100409
Microsoft PWS:Win32/Lolyda.AZ 20100410
a-squared 20100410
AhnLab-V3 20100409
AntiVir 20100409
Antiy-AVL 20100409
Authentium 20100409
Avast 20100409
Avast5 20100409
AVG 20100409
BitDefender 20100410
CAT-QuickHeal 20100409
ClamAV 20100410
Comodo 20100410
DrWeb 20100410
eSafe 20100408
eTrust-Vet 20100409
F-Prot 20100409
F-Secure 20100410
Fortinet 20100408
GData 20100410
Ikarus 20100410
Jiangmin 20100410
NOD32 20100409
Norman 20100409
nProtect 20100406
Panda 20100409
PCTools 20100410
Prevx 20100410
Rising 20100409
Sophos AV 20100410
Sunbelt 20100410
Symantec 20100410
TheHacker 20100410
TrendMicro 20100410
VBA32 20100409
ViRobot 20100410
VirusBuster 20100409
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
GetTickCount
GetTempPathA
lstrcatA
GetStartupInfoA
CloseHandle
WriteFile
CreateFileA
lstrlenA
GetSystemDirectoryA
GetCurrentThread
lstrcpyA
IsBadWritePtr
GetVersionExA
CreateRemoteThread
GetModuleHandleA
GetProcAddress
GetModuleFileNameA
WinExec
ExitProcess
GetCommandLineA
LoadLibraryA
exit
_acmdln
_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_XcptFilter
_except_handler3
free
strstr
_wcsicmp
memset
strcpy
strrchr
memcpy
__2@YAPAXI@Z
strncat
CoInitialize
ShellExecuteExA
wsprintfA
File identification
MD5 d5fa4187464dc79a84aaec16a6233cd1
SHA1 bda4ea1f66f664e57ccdd1b3d3681fe31ff28dc9
SHA256 483ab4df269978f2e4b812fdf2fedb1c6516f3be92306fc85b238a36d016f29b
ssdeep
3072:NEBLqT6liHPpbGF31c0rcaqBeNNSodSXIXisyJcN4:NEBLJivpbGF3e0VqBeNNpsIccN

File size 98.5 KB ( 100864 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-04-10 09:20:27 UTC ( 7 years, 8 months ago )
Last submission 2010-04-10 09:20:27 UTC ( 7 years, 8 months ago )
File names 1MBlcK_.sys
aa
35x7L3Gqk.sys
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!