× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4d4744ac66f562c186f0dac7d3874e063056df10a3ad8472e1b7c881a2749825
File name: E3E05B82AB1058CFBA080D9A08CF2CA8
Detection ratio: 37 / 43
Analysis date: 2011-07-16 08:28:36 UTC ( 7 years, 3 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Agent.35840.PQ 20110715
AntiVir TR/Agent.35840 20110715
Avast Win32:Downloader-DGG [Trj] 20110715
Avast5 Win32:Downloader-DGG [Trj] 20110715
AVG Downloader.Agent2.SUK 20110715
BitDefender Trojan.Generic.3290267 20110716
CAT-QuickHeal TrojanDownloader.Agent.dfuz 20110715
Commtouch W32/Adload.E.gen!Eldorado 20110716
Comodo TrojWare.Win32.TrojanDownloader.Agent.~FVA 20110716
DrWeb Trojan.DownLoad1.45438 20110716
Emsisoft Trojan-Dropper.Agent!IK 20110716
eSafe Win32.TRAgent 20110714
F-Prot W32/Adload.E.gen!Eldorado 20110715
F-Secure Trojan.Generic.3290267 20110716
Fortinet W32/Agent.DFUZ!tr.dldr 20110716
GData Trojan.Generic.3290267 20110716
Ikarus Trojan-Dropper.Agent 20110716
Jiangmin TrojanDownloader.Agent.cobi 20110714
K7AntiVirus Trojan-Downloader 20110715
Kaspersky Trojan-Downloader.Win32.Agent.dfuz 20110716
McAfee Generic Downloader.x!dgi 20110716
McAfee-GW-Edition Generic Downloader.x!dgi 20110716
Microsoft TrojanDownloader:Win32/Netins.A 20110716
NOD32 Win32/Agent.QVK 20110716
Norman W32/Suspicious_Gen2.dam 20110715
nProtect Trojan-Downloader/W32.Agent.35840.CR 20110716
Panda Trj/StartPage.DGJ 20110715
PCTools Trojan.Gen 20110713
Rising AdWare.Win32.Nodef.pg 20110715
Sophos AV Troj/Agent-NYS 20110716
Symantec Trojan.Gen 20110716
TheHacker Trojan/Downloader.Agent.dfuz 20110716
TrendMicro TROJ_DLOAD.SMAC 20110716
TrendMicro-HouseCall TROJ_DLOAD.SMAC 20110716
VBA32 Trojan-Downloader.Win32.Agent.dfuz 20110715
VIPRE FraudTool.Win32.AVSoft (v) 20110716
VirusBuster Trojan.DL.Agent!/VepsWRCt9w 20110715
Antiy-AVL 20110715
ClamAV 20110716
eTrust-Vet 20110715
Prevx 20110716
SUPERAntiSpyware 20110715
ViRobot 20110716
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 3
PE sections
PE imports
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
1 more function(s) imported by ordinal)
wsprintfW
GetUrlCacheEntryInfoW
OleInitialize
URLDownloadToFileW
File identification
MD5 e3e05b82ab1058cfba080d9a08cf2ca8
SHA1 1ed9532f75339d9e5a53d469a637ea6bfbc237dd
SHA256 4d4744ac66f562c186f0dac7d3874e063056df10a3ad8472e1b7c881a2749825
ssdeep
768:lb6lEFHaZNvW953ibNtHLvmGHDWFJepwxBr884sxj6pT3W:lGlE5sNu95ybNtDmGjWCpw8842qi

File size 35.0 KB ( 35840 bytes )
File type Win32 EXE
Magic literal

TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
Tags
upx

VirusTotal metadata
First submission 2010-03-15 19:39:09 UTC ( 8 years, 7 months ago )
Last submission 2011-07-16 08:28:36 UTC ( 7 years, 3 months ago )
File names E3E05B82AB1058CFBA080D9A08CF2CA8
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!