SHA256: 4e3b431a8e7e9ec59dfaf3efc34dcdac939ac1935bdbb03c52259715b0cd21e3
File name: aa
Detection ratio: 40 / 43
Analysis date: 2010-09-25 23:12:46 UTC ( 7 years, 9 months ago )
Antivirus Result Update
AhnLab-V3 Dropper/Drooptroop.40448.AO 20100924
AntiVir TR/Drop.Drooptroop.cpt.20 20100924
Antiy-AVL Trojan/Win32.Drooptroop.gen 20100925
Authentium W32/TrojanX.EMUA 20100925
Avast Win32:Kates-CQ 20100925
Avast5 Win32:Kates-CQ 20100925
AVG Dropper.Generic_c.IDF 20100925
BitDefender Gen:Variant.Kates.2 20100925
CAT-QuickHeal TrojanDropper.Drooptroop.cpt 20100924
Comodo TrojWare.Win32.TrojanDropper.DroopTroop.BALK 20100925
DrWeb Trojan.Hottrend.14 20100925
Emsisoft Trojan-Dropper.Win32.Drooptroop!IK 20100925
eSafe Win32.GenVariant.Kat 20100921
eTrust-Vet Win32/Bamital.R 20100925
F-Prot W32/TrojanX.EMUA 20100925
F-Secure Gen:Variant.Kates.2 20100925
GData Gen:Variant.Kates.2 20100926
Ikarus Trojan-Dropper.Win32.Drooptroop 20100925
Jiangmin TrojanDropper.Drooptroop.fh 20100925
K7AntiVirus Trojan 20100925
Kaspersky Trojan-Dropper.Win32.Drooptroop.cpt 20100925
McAfee BackDoor-DKI.gen.cm 20100926
McAfee-GW-Edition BackDoor-DKI.gen.cm 20100925
Microsoft Trojan:Win32/Bamital.E 20100925
NOD32 a variant of Win32/Bamital.DA 20100925
Norman W32/Suspicious_Gen2.BDDQD 20100925
nProtect Gen:Variant.Kates.2 20100925
Panda Spyware/Virtumonde 20100925
PCTools Trojan.Gen 20100925
Prevx Medium Risk Malware Dropper 20100926
Rising Trojan.Win32.Generic.52096F8D 20100925
Sophos AV Mal/Bamital-A 20100926
Sunbelt Trojan.Win32.Bamital.G (v) 20100925
Symantec Trojan.Gen 20100926
TheHacker Trojan/Dropper.Drooptroop.cpt 20100925
TrendMicro TROJ_Gen.CX34U1 20100925
TrendMicro-HouseCall TROJ_Gen.CX34U1 20100926
VBA32 Trojan-Dropper.Win32.Drooptroop.cpt 20100924
ViRobot Dropper.S.Drooptroop.40448.AD 20100925
VirusBuster Trojan.DR.Drooptroop.Gen.6 20100926
ClamAV 20100925
Fortinet 20100925
SUPERAntiSpyware 20100925
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
GdiplusShutdown
CloseHandle
ExitProcess
GetLastError
GetProcAddress
GlobalAlloc
GlobalFree
LoadLibraryExA
VirtualAlloc
VirtualFree
File identification
MD5 e61c3b2594a47acd73efd62761cbaa82
SHA1 75eab5aedd2eadc315f374c235d066607814cc54
SHA256 4e3b431a8e7e9ec59dfaf3efc34dcdac939ac1935bdbb03c52259715b0cd21e3
ssdeep 768:pht6cU0WJeQAnrDm6wF7I5P1mLml3fIQ4:pht6JDCVwFk5tS0g
File size 39.5 KB ( 40448 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-06-14 12:36:20 UTC ( 8 years, 1 month ago )
Last submission 2010-09-25 23:12:46 UTC ( 7 years, 9 months ago )
File names aytTC4EJ.msi
4e3b431a8e7e9ec59dfaf3efc34dcdac939ac1935bdbb03c52259715b0cd21e3
aa
njn7t.doc
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight