× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4b977b37111f861cc63e96923065b7c2d3a117ef09bb00a608de6e9b54c9c0aa
File name: aa
Detection ratio: 19 / 41
Analysis date: 2010-02-22 03:56:39 UTC ( 8 years, 8 months ago )
Antivirus Result Update
a-squared Trojan-Proxy.Win32.Koobface!IK 20100222
AntiVir TR/Agent.dilm 20100222
Avast Win32:Malware-gen 20100221
BitDefender Trojan.Generic.IS.141495 20100222
Comodo UnclassifiedMalware 20100222
GData Trojan.Generic.IS.141495 20100222
Ikarus Trojan-Proxy.Win32.Koobface 20100222
McAfee+Artemis Artemis!E85E36C33D15 20100221
McAfee-GW-Edition Trojan.Agent.dilm 20100222
Microsoft TrojanProxy:Win32/Koobface.gen!H 20100221
Norman W32/Agent.TQCX 20100221
Panda Trj/CI.A 20100221
PCTools Trojan.Generic 20100222
Prevx Medium Risk Malware 20100222
Sophos AV Mal/Generic-A 20100222
Sunbelt Trojan.Win32.Agent 20100221
Symantec Trojan Horse 20100222
VBA32 suspected of Embedded.Trojan-Dropper.Win32.Agent.bncy 20100221
VirusBuster Trojan.PR.Koobface.DBL 20100221
AhnLab-V3 20100220
Antiy-AVL 20100219
Authentium 20100221
AVG 20100221
CAT-QuickHeal 20100222
ClamAV 20100222
DrWeb 20100221
eSafe 20100221
eTrust-Vet 20100220
F-Prot 20100221
F-Secure 20100219
Fortinet 20100221
Jiangmin 20100221
K7AntiVirus 20100220
Kaspersky 20100217
McAfee 20100221
NOD32 20100221
nProtect 20100221
Rising 20100211
TheHacker 20100222
TrendMicro 20100221
ViRobot 20100222
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Copyright
Copyright (c) 1991-2002 Famatech International Corp. All rights reserved.

Publisher Famatech International Corp.
Product Online Client Driver Task
Original name kb81920.so
Internal name kb81920.so
File version 5.9
Description Driver patch Application Validation OE NVIDIA
PE header basic information
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
LoadResource
GetTickCount
WriteFile
Sleep
SizeofResource
GetSystemDirectoryA
lstrcatA
GetLastError
GetProcAddress
LoadLibraryA
LockResource
GetModuleFileNameA
GetModuleHandleA
ReleaseMutex
FindResourceA
GetTempPathA
ResumeThread
lstrcpyA
GetStdHandle
DeleteTimerQueue
GetCurrentProcessId
GetSystemInfo
VirtualProtect
HeapSize
CloseHandle
CreateFileA
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
GetStartupInfoA
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetFilePointer
HeapAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
SetStdHandle
QueryPerformanceCounter
GetSystemTimeAsFileTime
FlushFileBuffers
OpenIcon
DestroyWindow
CharToOemA
9 more function(s) imported by ordinal)
File identification
MD5 e85e36c33d1563831a41ff25a37464be
SHA1 f594c656786d8ce7f264d5a33fb3d463157bc96b
SHA256 4b977b37111f861cc63e96923065b7c2d3a117ef09bb00a608de6e9b54c9c0aa
ssdeep
3072:2qxUkRfctN6d7fFD1q6qZdoj28vedmTBmPcukzTyoLxHy6Hc+op2LiFe1elZtcMq:rxUkRfct497BqZdoj2gedMBtnzTyotSf

File size 191.0 KB ( 195584 bytes )
File type unknown
Magic literal

TrID Win64 Executable Generic (58.8%)
Win32 Executable MS Visual C++ (generic) (25.9%)
Win32 Executable Generic (5.8%)
Win32 Dynamic Link Library (generic) (5.2%)
Clipper DOS Executable (1.3%)
VirusTotal metadata
First submission 2010-02-15 16:16:07 UTC ( 8 years, 8 months ago )
Last submission 2010-02-22 03:56:39 UTC ( 8 years, 8 months ago )
File names aa
zIBgD.txt
0CYVZIio.inf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!