× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5c7fd3bee65c7c78c460a0698b5a4abef09643d54712db7d190c3359f7ad866c
Detection ratio: 7 / 40
Analysis date: 2010-01-27 20:20:24 UTC ( 8 years, 12 months ago )
Antivirus Result Update
a-squared Trojan.Win32.FakeAV!IK 20100127
AntiVir TR/Crypt.ZPACK.Gen 20100127
CAT-QuickHeal (Suspicious) - DNAScan 20100127
F-Secure Suspicious:W32/Malware!Gemini 20100127
Ikarus Trojan.Win32.FakeAV 20100127
McAfee-GW-Edition Trojan.Crypt.ZPACK.Gen 20100127
Rising Packer.Win32.Agent.GEN 20100127
AhnLab-V3 20100127
Antiy-AVL 20100127
Authentium 20100127
Avast 20100127
AVG 20100127
BitDefender 20100127
ClamAV 20100127
Comodo 20100127
DrWeb 20100127
eSafe 20100127
eTrust-Vet 20100127
F-Prot 20100127
Fortinet 20100127
GData 20100127
Jiangmin 20100127
K7AntiVirus 20100126
McAfee 20100127
McAfee+Artemis 20100127
Microsoft 20100127
NOD32 20100127
Norman 20100127
nProtect 20100127
Panda 20100127
PCTools 20100127
Prevx 20100127
Sophos AV 20100127
Sunbelt 20100127
Symantec 20100127
TheHacker 20100127
TrendMicro 20100127
VBA32 20100127
ViRobot 20100127
VirusBuster 20100127
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
OpenSCManagerW
RegOpenKeyW
UnregisterTraceGuids
RegCreateKeyW
RegDeleteValueA
IsValidSid
ControlService
RegOpenKeyExA
RegDeleteValueW
StartServiceW
OpenThreadToken
RegOpenKeyA
RegEnumKeyW
RegEnumKeyA
GetVersion
MultiByteToWideChar
GetThreadLocale
DeleteFileA
VirtualAlloc
FlushFileBuffers
lstrcatW
GetFileAttributesA
CreateFileW
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetOEMCP
GetDriveTypeA
CreateFileA
GetConsoleMode
ExitProcess
GetCurrentProcessId
__p__fmode
__set_app_type
floor
__3@YAXPAX@Z
atol
__p__commode
_unlock
_vsnprintf
_purecall
_lock
malloc
wcscpy
wcscspn
__setusermatherr
wcstombs
RtlSetOwnerSecurityDescriptor
RtlValidSecurityDescriptor
wcsstr
strrchr
RtlUnicodeStringToAnsiString
RtlInitializeGenericTable
RtlAllocateAndInitializeSid
RtlInitializeCriticalSection
WriteClassStm
CreateILockBytesOnHGlobal
CoCreateInstanceEx
OleUninitialize
CoSetProxyBlanket
CreateItemMoniker
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoRegisterClassObject
PathAppendA
StrRetToBufW
PathIsRootW
PathFileExistsW
StrCmpNIA
SHGetValueW
PathFindExtensionA
PathRemoveBlanksW
CallWindowProcW
LoadIconA
GetSystemMetrics
KillTimer
GetWindowDC
BeginPaint
LoadCursorW
GetDlgItem
GetSysColorBrush
LoadBitmapW
GetWindowLongA
GetMessagePos
IsWindow
EqualRect
IsRectEmpty
IsWindowVisible
GetWindowTextA
CharPrevW
GetWindow
IsWindowEnabled
ChangeMenuW
File identification
MD5 2b9a8b36becf018ef3c1ddc5e72e4ba3
SHA1 36718903ad253d77efda5d6b7bba8085b98c0625
SHA256 5c7fd3bee65c7c78c460a0698b5a4abef09643d54712db7d190c3359f7ad866c
ssdeep
384:SaghnoN56b6N8aHfFBOBQbYX9w8c6XJlvsQ3LUt3qMOfgaMNyizMxhxxgcMlDZLq:/geN8APtU2oLc3Q7UtYo+hxmDFBo870T

File size 24.5 KB ( 25088 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
VirusTotal metadata
First submission 2010-01-27 20:20:24 UTC ( 8 years, 12 months ago )
Last submission 2010-01-27 20:20:24 UTC ( 8 years, 12 months ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!