× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 4e7259be378efcf685fb4eeaa2199b22bebda12a1f2cffd42b058430404f3ac6
File name: aa
Detection ratio: 38 / 43
Analysis date: 2010-09-27 04:02:26 UTC ( 7 years, 12 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Onlinegamehack.25416 20100926
AntiVir TR/Spy.Gen 20100926
Authentium W32/Injector.A.gen!Eldorado 20100927
Avast Win32:Malware-gen 20100926
Avast5 Win32:Malware-gen 20100926
AVG PSW.OnlineGames3.AUBQ.dropper 20100926
BitDefender Trojan.Generic.4763987 20100927
CAT-QuickHeal TrojanGameThief.OnLineGames.b 20100927
ClamAV Trojan.Spy-76895 20100927
Comodo TrojWare.Win32.Trojan.Agent.Gen 20100927
DrWeb Trojan.PWS.Wsgame.23390 20100927
Emsisoft Trojan.SuspectCRC!IK 20100927
eSafe Win32.TRSpy 20100926
eTrust-Vet Win32/Zuten!generic 20100925
F-Prot W32/Injector.A.gen!Eldorado 20100927
F-Secure Trojan.Generic.4763987 20100927
GData Trojan.Generic.4763987 20100927
Ikarus Trojan.SuspectCRC 20100927
Jiangmin Trojan/Generic.azcn 20100926
K7AntiVirus Riskware 20100925
Kaspersky Trojan-GameThief.Win32.OnLineGames.bnps 20100927
McAfee Artemis!2228386D37B6 20100927
McAfee-GW-Edition Artemis!2228386D37B6 20100926
Microsoft Trojan:Win32/Dynamer!dtc 20100926
NOD32 a variant of Win32/PSW.OnLineGames.PCO 20100926
Norman Suspicious_Gen2.CCSMK 20100926
nProtect Trojan-PWS/W32.WebGame.25416.C 20100927
Panda Trj/Lineage.BZE 20100926
PCTools Trojan-PSW.Gampass 20100927
Rising Trojan.Win32.Generic.522F6972 20100925
Sophos AV Mal/Generic-L 20100927
Sunbelt Trojan.Win32.Generic!BT 20100927
SUPERAntiSpyware Trojan.Downloader-Gen/Suspicious 20100927
Symantec Infostealer.Gampass 20100927
TheHacker Trojan/OnLineGames.pco 20100927
TrendMicro TROJ_GEN.R43E1IC 20100926
TrendMicro-HouseCall TROJ_GEN.R43E1IC 20100927
VBA32 BScope.Trojan-Inject.0680 20100924
Antiy-AVL 20100926
Fortinet 20100926
Prevx 20100927
ViRobot 20100927
VirusBuster 20100926
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
CryptDecrypt
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
UuidCreate
wsprintfA
WSCEnumProtocols
File identification
MD5 2228386d37b6093d2a0a132c4bc9caf3
SHA1 fabf2d576d9796928d54efdbcdd26351e765325f
SHA256 4e7259be378efcf685fb4eeaa2199b22bebda12a1f2cffd42b058430404f3ac6
ssdeep
384:mjZmyDQa+W3Hu+wiSmhjKALff0v7AwJKmVPJwRmy1kfX46Zh9:mjZmTPWXu+PhRX0jAwJfBw8y1l6T9

File size 24.8 KB ( 25416 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
VirusTotal metadata
First submission 2010-09-08 04:22:10 UTC ( 8 years ago )
Last submission 2010-09-27 04:02:26 UTC ( 7 years, 12 months ago )
File names MasU.fon
aa
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!