SHA256: 4e8ae3b91a9273d907884bc34e539da28fbf51b3c0eb498ebdbd808eaa6a511a
File name: B65B90EC790C50858627CF6A1A3FC2FE
Detection ratio: 40 / 43
Analysis date: 2011-08-09 11:22:40 UTC ( 6 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.OnLineGames 20110808
AntiVir TR/Agent.rsdz 20110809
Avast VBS:Malware-gen 20110809
Avast5 VBS:Malware-gen 20110809
AVG PSW.OnlineGames3.AKDV 20110809
BitDefender Trojan.Generic.6034119 20110809
CAT-QuickHeal Trojan.Chifrax.ik 20110809
ClamAV Trojan.Spy-70095 20110809
Commtouch W32/Trojan2.MMVO 20110809
Comodo TrojWare.Win32.PSW.OnlineGames.SFX 20110809
DrWeb Trojan.MulDrop1.16808 20110809
Emsisoft Worm.Win32.Koobface!IK 20110809
eSafe Win32.Dropper 20110808
eTrust-Vet Win32/MaranPWS!SFX 20110809
F-Prot W32/Trojan2.MMVO 20110809
F-Secure Trojan-PSW:W32/OnlineGames.gen!T 20110809
Fortinet W32/OnLineGames.BILU!tr.pws 20110809
GData Trojan.Generic.6034119 20110809
Ikarus Worm.Win32.Koobface 20110809
Jiangmin Trojan/PSW.OnLineGames.bkax 20110808
K7AntiVirus Riskware 20110802
Kaspersky Trojan-GameThief.Win32.OnLineGames.vyez 20110809
McAfee Artemis!B65B90EC790C 20110809
McAfee-GW-Edition Artemis!B65B90EC790C 20110809
Microsoft PWS:Win32/OnLineGames.HJ 20110809
NOD32 probably a variant of Win32/Agent.CBNJGVU 20110809
Norman W32/OnlineGames.J!genr 20110809
Panda Trj/CI.A 20110808
PCTools Trojan.Dropper 20110809
Rising Suspicious 20110809
Sophos AV Mal/Generic-L 20110809
SUPERAntiSpyware Trojan.Agent/Gen-OnlineGames 20110809
Symantec Infostealer.Gampass 20110809
TheHacker Trojan/Kryptik.axg 20110807
TrendMicro TSPY_ONLINEG.SMF 20110809
TrendMicro-HouseCall TSPY_ONLINEG.SMF 20110809
VBA32 Trojan-Downloader.Win32.Shecka 20110808
VIPRE Trojan.Win32.Generic!BT 20110809
ViRobot Trojan.Win32.PSWIGames.279789 20110809
VirusBuster Trojan.PWS.OnlineGames!KuRmTS/tXLg 20110808
Antiy-AVL 20110809
nProtect 20110809
Prevx 20110809
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW
(1 more function(s) imported by ordinal)
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
DeleteObject
CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA
File identification
MD5 b65b90ec790c50858627cf6a1a3fc2fe
SHA1 1ec6a418e7abdff528e77041658cbc726256b9d0
SHA256 4e8ae3b91a9273d907884bc34e539da28fbf51b3c0eb498ebdbd808eaa6a511a
ssdeep
6144:UZuuObR8sVImcyYUTJRFv3xGp5vExtMhdMy2NY3x3/ZE0C0ob:zV+mzL3xGzvAGoNoemob

File size 275.9 KB ( 282534 bytes )
File type Win32 EXE
Magic literal

TrID WinRAR Self Extracting archive (96.2%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Generic Win/DOS Executable (0.3%)
DOS Executable Generic (0.3%)
Tags
upx

VirusTotal metadata
First submission 2010-01-15 14:59:58 UTC ( 8 years, 1 month ago )
Last submission 2011-08-09 11:22:40 UTC ( 6 years, 6 months ago )
File names B65B90EC790C50858627CF6A1A3FC2FE