× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5bb8daa1ca1706fea0f236f00b7695b2ff23e22117681f2a7ad8a0ddefe85a30
File name: aa
Detection ratio: 23 / 41
Analysis date: 2010-05-20 11:36:40 UTC ( 7 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Qhost 20100519
AntiVir TR/Qhost.ndo 20100520
Avast5 Win32:SuspBehav-C 20100519
AVG Generic17.CAZA 20100520
BitDefender Trojan.Generic.KD.11961 20100520
Comodo TrojWare.Win32.Trojan.Agent.Gen 20100520
DrWeb Trojan.Hosts.373 20100520
F-Secure Trojan.Generic.KD.11961 20100520
GData Trojan.Generic.KD.11961 20100520
Ikarus Trojan.Win32.Qhost 20100520
Jiangmin Trojan/Qhost.bpj 20100520
Kaspersky Trojan.Win32.Qhost.ndo 20100520
McAfee Generic Qhost!bk 20100520
McAfee-GW-Edition Generic Qhost!bk 20100520
Microsoft Trojan:Win32/Qhost.CL 20100520
NOD32 Win32/Qhost.NVJ 20100520
Norman W32/Qhost.HSG 20100519
nProtect Trojan.Generic.KD.11961 20100519
Panda Trj/Spambot.C 20100519
Rising Trojan.Win32.Generic.5204C276 20100520
Sunbelt Trojan.Win32.Generic!BT 20100520
ViRobot Trojan.Win32.Qhost.62976.A 20100520
VirusBuster Trojan.Qhost.EGL 20100519
a-squared 20100510
Antiy-AVL 20100519
Authentium 20100520
Avast 20100519
CAT-QuickHeal 20100520
ClamAV 20100520
eSafe 20100517
eTrust-Vet 20100520
F-Prot 20100520
Fortinet 20100519
PCTools 20100520
Prevx 20100520
Sophos AV 20100520
Symantec 20100520
TheHacker 20100519
TrendMicro 20100520
TrendMicro-HouseCall 20100520
VBA32 20100520
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 5
PE sections
PE imports
RegSetValueExA
AddAccessAllowedAce
RegQueryValueExW
DeleteObject
DeleteDC
GetStockObject
PatBlt
SetBkColor
BitBlt
SetBkMode
WaitForSingleObject
GetModuleHandleW
SetUnhandledExceptionFilter
FormatMessageW
GetModuleHandleA
GetCurrentProcess
GetCurrentThreadId
GetModuleHandleA
GlobalAlloc
GetMessageW
BeginPaint
GetMessageW
PostMessageW
SendMessageW
ShowWindow
GetWindowRect
File identification
MD5 573cc06820d8c8053f42cb6076fb68bf
SHA1 e1c4fdeb810b7a13da26275a52331b6b96ed5a3e
SHA256 5bb8daa1ca1706fea0f236f00b7695b2ff23e22117681f2a7ad8a0ddefe85a30
ssdeep
1536:WnnSAHJkDHaSbfXRJDlZWK+n22BAEoNq+c3fO2SlQV:WnSLraSb2Rt+RNq+cQle

File size 61.5 KB ( 62976 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (51.2%)
Win16/32 Executable Delphi generic (12.4%)
Clipper DOS Executable (12.1%)
Generic Win/DOS Executable (12.0%)
DOS Executable Generic (12.0%)
VirusTotal metadata
First submission 2010-05-15 11:06:59 UTC ( 7 years, 6 months ago )
Last submission 2010-05-20 11:36:40 UTC ( 7 years, 6 months ago )
File names 1ur3Mil.gz
aa
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!