× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4b9ab7aa0785ae6173928c9045aa12abf3b8079b22fc603b5949d15075203cfe
File name: aa
Detection ratio: 16 / 40
Analysis date: 2010-02-06 19:18:22 UTC ( 9 years, 2 months ago )
Antivirus Result Update
AntiVir TR/Crypt.XPACK.Gen 20100205
Avast Win32:Rootkit-gen 20100206
BitDefender Gen:Heur.Krypt.iq0@aOBvR2oc 20100206
Comodo TrojWare.Win32.TrojanSpy.Zbot.Gen 20100206
DrWeb Trojan.Packed.19647 20100206
F-Secure Gen:Heur.Krypt.iq0@aOBvR2oc 20100206
GData Gen:Heur.Krypt.iq0@aOBvR2oc 20100206
Kaspersky Packed.Win32.Krap.w 20100206
McAfee-GW-Edition Trojan.Crypt.XPACK.Gen 20100206
Microsoft PWS:Win32/Zbot.gen!W 20100206
NOD32 a variant of Win32/Kryptik.BWC 20100206
PCTools HeurEngine.MaliciousPacker 20100206
Prevx High Risk Rootkit 20100206
Sophos AV Mal/EncPk-MZ 20100206
Sunbelt Trojan.Win32.Bredolab.Gen.1 (v) 20100206
TrendMicro TROJ_QAKBOT.SMG 20100206
a-squared 20100206
AhnLab-V3 20100206
Antiy-AVL 20100205
Authentium 20100206
AVG 20100206
CAT-QuickHeal 20100206
ClamAV 20100206
eSafe 20100204
eTrust-Vet 20100205
F-Prot 20100206
Fortinet 20100206
Ikarus 20100206
Jiangmin 20100206
K7AntiVirus 20100206
McAfee 20100206
McAfee+Artemis 20100206
Norman 20100206
nProtect 20100206
Panda 20100206
Rising 20100206
TheHacker 20100206
VBA32 20100205
ViRobot 20100205
VirusBuster 20100206
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
TextOutW
CreateFontIndirectW
SetBkMode
LineTo
DeleteDC
BitBlt
PatBlt
SetUnhandledExceptionFilter
WaitForSingleObject
GetCommandLineA
ExitProcess
FormatMessageW
GetCurrentProcessId
VirtualAlloc
QueryPerformanceCounter
GetModuleHandleW
LocalAlloc
LocalFree
LoadLibraryA
GetModuleHandleA
VirtualAlloc
GetModuleHandleA
FreeLibrary
GetACP
GetModuleHandleA
DefWindowProcW
SetTimer
GetMessageW
GetDlgItem
EnableWindow
GetWindowRect
ShowWindow
PostMessageW
CreateWindowExW
GetDlgItem
PostMessageW
UpdateLayeredWindow
GetDC
LoadIconW
EnableWindow
LoadStringW
EnableWindow
File identification
MD5 d088fd23f7e3880133c0cea52e17d75d
SHA1 352bfb1e7b3a21818d2e8a316d3b5ca9bc243365
SHA256 4b9ab7aa0785ae6173928c9045aa12abf3b8079b22fc603b5949d15075203cfe
ssdeep
3072:ySRVv2HyhddOBoogc+hjukgQOmj/tw3tFzehr6r/rhUmW6S8U:yS7v2H6aBoogc7kgytg7zeha1UmW6

File size 133.5 KB ( 136704 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-02-06 19:18:22 UTC ( 9 years, 2 months ago )
Last submission 2010-02-06 19:18:22 UTC ( 9 years, 2 months ago )
File names aa
XzUfVzrG.wsf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!