× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5333eb2df31b024319f8dcab02f8f6c6d19f78603900c3b90613a58a81221f58
File name: process.0x86656020.0x70000.dmp
Detection ratio: 21 / 47
Analysis date: 2013-05-28 22:03:12 UTC ( 4 years, 5 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Zbot 20130528
Avast Win32:Zbot-NRC [Trj] 20130528
AVG Generic_s.AHY 20130528
ClamAV Trojan.Spy.Zbot-142 20130523
Commtouch W32/Zbot.BZ.gen!Eldorado 20130528
Comodo TrojWare.Win32.Zbot.NEWA 20130528
F-Prot W32/Zbot.BZ.gen!Eldorado 20130528
GData Win32:Zbot-NRC 20130528
Ikarus Trojan-Spy.Win32.Zbot 20130528
K7AntiVirus Trojan 20130528
K7GW Trojan 20130528
McAfee PWS-Zbot.gen.vo 20130528
McAfee-GW-Edition PWS-Zbot.gen.vo 20130528
Microsoft PWS:Win32/Zbot.gen!AJ 20130528
NANO-Antivirus Trojan.Win32.Panda.bonqum 20130528
Norman ZBot.VAL 20130528
Rising Trojan.PSW.Zbot!47F5 20130528
SUPERAntiSpyware Trojan.Agent/Gen-Zbot 20130528
TotalDefense Win32/Zbot.CXZ 20130528
TrendMicro Cryp_Xin1 20130528
TrendMicro-HouseCall Cryp_Xin1 20130528
Yandex 20130528
AntiVir 20130528
Antiy-AVL 20130528
BitDefender 20130528
ByteHero 20130528
CAT-QuickHeal 20130528
DrWeb 20130528
Emsisoft 20130528
eSafe 20130527
ESET-NOD32 20130528
F-Secure 20130528
Fortinet 20130528
Jiangmin 20130528
Kaspersky 20130528
Kingsoft 20130506
Malwarebytes 20130528
eScan 20130528
nProtect 20130528
Panda 20130528
PCTools 20130521
Sophos AV 20130529
Symantec 20130528
TheHacker 20130528
VBA32 20130528
VIPRE 20130528
ViRobot 20130528
The file being studied is a Portable Executable file! More specifically, it is a DOS EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2012-10-05 15:07:25
Entry Point 0x0002C055
Number of sections 3
PE sections
ExifTool file metadata
FileAccessDate
2013:05:28 23:03:16+01:00

FileCreateDate
2013:05:28 23:03:16+01:00

File identification
MD5 fa1f8676a0dbf79dceed54ee3bd5f272
SHA1 edbd079ac21448f3b06429961da784419d4eda3d
SHA256 5333eb2df31b024319f8dcab02f8f6c6d19f78603900c3b90613a58a81221f58
ssdeep
6144:rT1PqqDLlli0DpHDsWz6zLtOKfP++GpYvPRBQBeid4:rYqnlli0DVMzhOd+0m2d4

File size 240.0 KB ( 245760 bytes )
File type DOS EXE
Magic literal
MS-DOS executable

TrID Win32 Executable (generic) (51.6%)
DOS Executable Borland Pascal 7.0x (16.1%)
Generic Win/DOS Executable (15.8%)
DOS Executable Generic (15.8%)
VXD Driver (0.2%)
Tags
mz

VirusTotal metadata
First submission 2013-05-28 22:03:12 UTC ( 4 years, 5 months ago )
Last submission 2013-05-28 22:03:12 UTC ( 4 years, 5 months ago )
File names process.0x86656020.0x70000.dmp
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!