SHA256: 57433d32bd25c3d1e3a544306333d9fd8242ddeab1bea435c4b249b5e0e4cf9d
File name: aa
Detection ratio: 29 / 39
Analysis date: 2010-04-12 09:15:01 UTC ( 8 years, 9 months ago )
Antivirus Result Update
a-squared Trojan.Renos!IK 20100412
AhnLab-V3 Win-Trojan/Downloader.107520.K 20100410
AntiVir TR/Renos.PCN 20100412
Avast Win32:Trojan-gen 20100411
Avast5 Win32:Trojan-gen 20100411
AVG Downloader.Agent2.VGB 20100411
BitDefender Trojan.Renos.PCN 20100412
Comodo TrojWare.Win32.Trojan.Agent.Gen 20100412
DrWeb Trojan.DownLoader1.4695 20100412
eTrust-Vet Win32/Wardunlo.EY 20100409
F-Secure Trojan.Renos.PCN 20100412
GData Trojan.Renos.PCN 20100412
Ikarus Trojan.Renos 20100412
Jiangmin Trojan/Pakes.kbv 20100412
Kaspersky Trojan-Downloader.Win32.CodecPack.kvh 20100412
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Trojan.H 20100412
Microsoft TrojanDownloader:Win32/Renos.KO 20100412
NOD32 Win32/TrojanDownloader.FakeAlert.AWH 20100412
Norman W32/FakeAV.LXH 20100412
Panda Trj/CI.A 20100411
Prevx Medium Risk Malware Dropper 20100412
Rising Trojan.Win32.Generic.51FDE5C5 20100412
Sophos AV Mal/FakeAV-CX 20100412
Sunbelt Trojan.Win32.Generic!BT 20100412
Symantec Trojan.FakeAV 20100412
TheHacker Trojan/Downloader.FakeAlert.awh 20100412
TrendMicro TROJ_RENOS.SMDE 20100412
ViRobot Trojan.Win32.Downloader.107520.J 20100412
VirusBuster Trojan.DL.FakeAlert.CGF 20100411
Antiy-AVL 20100409
Authentium 20100412
CAT-QuickHeal 20100412
ClamAV 20100412
eSafe 20100411
F-Prot 20100412
Fortinet 20100410
nProtect 20100406
PCTools 20100412
VBA32 20100409
The file being studied is a Portable Executable file. More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
RegDeleteKeyA
RegCreateKeyA
GetLengthSid
ImageList_DrawEx
ImageList_Read
ImageList_Remove
ImageList_DragShowNolock
ImageList_Create
GetFileTitleA
ChooseColorA
GetSaveFileNameA
FindTextA
GetOpenFileNameA
GetBitmapBits
GetPixel
BitBlt
CreateBitmap
SetTextColor
GetDCOrgEx
GetDIBColorTable
SaveDC
SetPixel
RestoreDC
EnumCalendarInfoA
GetCurrentProcessId
GlobalFindAtomA
FormatMessageA
LoadResource
GetStringTypeA
lstrlenA
GetFullPathNameA
GetStringTypeW
WaitForSingleObject
SetEvent
GetUserDefaultLCID
lstrcpyA
GetStartupInfoA
GetLocaleInfoA
lstrcatA
GlobalAlloc
LoadLibraryExA
GetVersion
DeleteFileA
SetEndOfFile
GetLastError
lstrcmpiA
GlobalDeleteAtom
GetEnvironmentStrings
GetOEMCP
GetCommandLineA
GetCurrentThread
GetCurrentProcess
ExitThread
WriteFile
LocalAlloc
GetStdHandle
ReadFile
SetLastError
SetFilePointer
GetCPInfo
FindFirstFileA
RaiseException
GetFileAttributesA
GetCurrentThreadId
LocalReAlloc
InitializeCriticalSection
CloseHandle
GetModuleHandleA
SetThreadLocale
LoadLibraryA
CreateFileA
GetFileSize
GlobalAddAtomA
CompareStringA
GetACP
GetDateFormatA
ResetEvent
GetFileType
FreeResource
MulDiv
SizeofResource
MoveFileA
ExitProcess
Sleep
lstrcmpA
SetHandleCount
CreateThread
lstrcpynA
LockResource
SetErrorMode
GetTickCount
HeapDestroy
EnterCriticalSection
HeapFree
GetLocalTime
VirtualFree
GetProcessHeap
VirtualQuery
GetDiskFreeSpaceA
GetModuleFileNameA
FindClose
DeleteCriticalSection
WideCharToMultiByte
VirtualAllocEx
FindResourceA
VirtualAlloc
LocalFree
_acmdln
wcstol
strlen
pow
tolower
strncmp
rand
strcmp
time
memmove
memcpy
wcsncmp
clock
mbstowcs
swprintf
CoTaskMemFree
CoUninitialize
OleRegGetUserType
CoCreateInstanceEx
CLSIDFromProgID
CreateStreamOnHGlobal
OleRun
StringFromIID
CoRevokeClassObject
SafeArrayGetElement
GetErrorInfo
RegisterTypeLib
VariantCopyInd
SysFreeString
SysReAllocStringLen
VariantChangeType
OleLoadPicture
SHDeleteKeyA
SHSetValueA
SHDeleteValueA
SHGetValueA
PathIsDirectoryA
SHStrDupA
File identification
MD5 192689bf6f21727062b2aa6bfbc91257
SHA1 1f95e9b0aac45cb92f89f7f0196242e98a7ebb1b
SHA256 57433d32bd25c3d1e3a544306333d9fd8242ddeab1bea435c4b249b5e0e4cf9d
ssdeep 1536:0D5SHxkxBS7tY437+8zkSf1yTATZWyjU9OpJdGCLSbPDgg3GYcMRSj:0tSRkxg7JCSN0EZW1KJ3CDLPR

File size 105.0 KB ( 107520 bytes )
File type unknown
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (63.0%)
Win32 Executable Generic (14.2%)
Win32 Dynamic Link Library (generic) (12.6%)
Clipper DOS Executable (3.3%)
Generic Win/DOS Executable (3.3%)
VirusTotal metadata
First submission 2010-04-07 17:18:57 UTC ( 8 years, 9 months ago )
Last submission 2010-04-12 09:15:01 UTC ( 8 years, 9 months ago )
File names aa
hgHmN.xml