× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 49ee54aa28d63e516222bf90573a26db64d151a7614f446c80508b71a3692883
File name: vt-upload-P8Cxy
Detection ratio: 40 / 51
Analysis date: 2014-04-28 17:58:57 UTC ( 4 years, 6 months ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKDZ.24233 20140428
Yandex TrojanSpy.Zbot!19L6HGRFMZc 20140428
AhnLab-V3 Spyware/Win32.Zbot 20140428
AntiVir TR/Spy.ZBot.8581754 20140428
Antiy-AVL Trojan[Spy]/Win32.Zbot 20140428
Avast Win32:Zbot-SDY [Trj] 20140428
AVG PSW.Generic12.QJZ 20140428
Baidu-International Trojan.Win32.Zbot.aY 20140428
BitDefender Trojan.GenericKDZ.24233 20140428
CAT-QuickHeal TrojanPWS.Zbot.Gen 20140428
Comodo TrojWare.Win32.Injector.ASX 20140428
DrWeb Trojan.DownLoader4.56756 20140428
Emsisoft Trojan.GenericKDZ.24233 (B) 20140428
ESET-NOD32 a variant of Win32/Injector.ASXL 20140428
F-Secure Trojan.GenericKDZ.24233 20140428
Fortinet W32/Zbot.OA!tr 20140428
GData Trojan.GenericKDZ.24233 20140428
Ikarus Virus.Win32.CeeInject 20140428
Jiangmin TrojanDropper.FrauDrop.sjf 20140428
K7AntiVirus Trojan ( 00490eb51 ) 20140428
K7GW Trojan ( 00490eb51 ) 20140428
Kaspersky Trojan-Spy.Win32.Zbot.qvik 20140428
Kingsoft Win32.Troj.Generic.a.(kcloud) 20140428
Malwarebytes Trojan.Agent.ED 20140428
McAfee PWSZbot-FMU!F5AA2440E130 20140428
McAfee-GW-Edition PWSZbot-FMU!F5AA2440E130 20140428
Microsoft VirTool:Win32/Injector.gen!CA 20140428
eScan Trojan.GenericKDZ.24233 20140428
NANO-Antivirus Trojan.Win32.Zbot.cqqktz 20140428
Norman Injector.FTQV 20140428
nProtect Trojan.GenericKDZ.24233 20140427
Panda Trj/Genetic.gen 20140427
Qihoo-360 Win32/Trojan.Spy.a54 20140428
Rising PE:Malware.Obscure/Heur!1.9E03 20140428
Sophos AV Mal/Ransom-CE 20140428
Symantec Trojan.Smoaler 20140428
TrendMicro TROJ_GEN.R08NC0CDR14 20140428
TrendMicro-HouseCall TROJ_GEN.R08NC0CDR14 20140428
VBA32 TrojanSpy.Zbot 20140428
VIPRE Trojan.Win32.Fareit.if (v) 20140428
AegisLab 20140428
Bkav 20140428
ByteHero 20140428
ClamAV 20140428
CMC 20140424
Commtouch 20140428
F-Prot 20140427
SUPERAntiSpyware 20140428
TheHacker 20140426
TotalDefense 20140428
ViRobot 20140428
File identification
MD5 f5aa2440e1301a0e589b10f22c0367ca
SHA1 aa36b345ea63dc9c1b6ac8add250933784c6d7c1
SHA256 49ee54aa28d63e516222bf90573a26db64d151a7614f446c80508b71a3692883
ssdeep
6144:Srr6In1oJODaZk3C3wb1zmG17iZqU1da36uq9t4v/v8FMeZ9pGtZ2v22hS:Sfhn1pe1E7KqUva3Jv/UzZing2J

File size 279.3 KB ( 286009 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (42.1%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags
peexe

VirusTotal metadata
First submission 2014-04-28 17:58:57 UTC ( 4 years, 6 months ago )
Last submission 2014-04-28 17:58:57 UTC ( 4 years, 6 months ago )
File names vt-upload-P8Cxy
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Opened mutexes
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
UDP communications