× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 50524a8618d1bf97df021e6883eb76db7a55a6d018a4768f8a9806ecd5cb0053
File name: 54CB6B563D450E921245B5D530756857
Detection ratio: 39 / 43
Analysis date: 2011-08-08 22:29:53 UTC ( 6 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Zbot.109568.B 20110808
AntiVir TR/Crypt.ZPACK.Gen 20110809
Avast Win32:Malware-gen 20110809
Avast5 Win32:Malware-gen 20110809
AVG PSW.Generic7.BBLN 20110809
BitDefender Trojan.Spy.Zbot.EKA 20110809
CAT-QuickHeal Trojan.Agent.ATV 20110808
ClamAV Trojan.Zbot-7443 20110808
Commtouch W32/Trojan2.LYWK 20110808
Comodo TrojWare.Win32.PkdKrap.AO 20110808
DrWeb Trojan.PWS.Panda.171 20110809
Emsisoft Trojan-Spy.Win32.Zbot!IK 20110808
eSafe Win32.TrojanHorse 20110808
eTrust-Vet Win32/Kollah.BMN 20110808
F-Prot W32/Trojan2.LYWK 20110809
F-Secure Trojan-Spy:W32/Zbot.PFE 20110808
Fortinet W32/Krapt.AOA!tr 20110808
GData Trojan.Spy.Zbot.EKA 20110808
Ikarus Trojan-Spy.Win32.Zbot 20110808
Jiangmin TrojanSpy.Zbot.ywu 20110808
K7AntiVirus Trojan 20110802
Kaspersky Trojan-Spy.Win32.Zbot.adql 20110808
McAfee PWS-Zbot.gen.ad 20110808
McAfee-GW-Edition PWS-Zbot.gen.ad 20110808
Microsoft PWS:Win32/Zbot.gen!W 20110808
NOD32 Win32/Spy.Zbot.JF 20110809
Norman W32/Suspicious_Gen2.dam 20110808
nProtect Trojan-Spy/W32.ZBot.109568.V 20110808
Panda Trj/Agent.KMX 20110808
PCTools HeurEngine.MaliciousPacker 20110808
Rising Trojan.Win32.Generic.11E93A24 20110808
Sophos AV Troj/FakeAV-AOF 20110808
Symantec Packed.Generic.264 20110809
TheHacker Trojan/Spy.Zbot.adql 20110807
TrendMicro Mal_Xed-24 20110808
TrendMicro-HouseCall Mal_Xed-24 20110809
VBA32 Trojan-Spy.Win32.Zbot.adql 20110808
VIPRE Trojan-Spy.Win32.Zbot.gen (v) 20110809
VirusBuster TrojanSpy.Zbot!FrxER9Obfe8 20110808
Antiy-AVL 20110808
Prevx 20110809
SUPERAntiSpyware 20110808
ViRobot 20110808
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright (c) 2004-2008 by Ronen Tzur

Publisher tzuk
Product Sandboxie
Original name Start.exe
Internal name Start
File version 3.26
Description Sandboxie Start
PE header basic information
Number of sections 7
PE sections
PE imports
LockResource
PrepareTape
HeapFree
VirtualAlloc
ExitProcess
GetStartupInfoA
FindResourceA
EnumResourceNamesA
GetModuleHandleA
EnumResourceTypesA
CoQueryClientBlanket
CLIPFORMAT_UserFree
BindMoniker
PropVariantChangeType
CoQueryProxyBlanket
send
WSADuplicateSocketW
listen
WPUCompleteOverlappedRequest
WSAStartup
WSACleanup
File identification
MD5 54cb6b563d450e921245b5d530756857
SHA1 4e5dc2263984c6506bed13da685d1d1566fc1718
SHA256 50524a8618d1bf97df021e6883eb76db7a55a6d018a4768f8a9806ecd5cb0053
ssdeep
3072:maxkIn2cZy5lZuvWx9tEhwjqChCCCJ9cxmPg:jn2N5GibqMufcxq

File size 107.0 KB ( 109568 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-01-06 01:47:03 UTC ( 8 years, 1 month ago )
Last submission 2011-08-08 22:29:53 UTC ( 6 years, 6 months ago )
File names lIuOPz.tif
54CB6B563D450E921245B5D530756857
aa
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!