SHA256: 61e6b53976f68292caf0b4c5cb29ee1f03ca0a8ffc47dbdd3fb06eda70d3ed16
File name: aa
Detection ratio: 41 / 43
Analysis date: 2010-12-01 16:19:52 UTC ( 7 years ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Fakeav.178688.DT 20101201
AntiVir TR/FraudPack.bkyc 20101201
Antiy-AVL Trojan/Win32.FraudPack.gen 20101201
Avast Win32:MalOb-CE 20101201
Avast5 Win32:MalOb-CE 20101201
AVG Generic19.SFQ 20101201
BitDefender Gen:Variant.Kazy.590 20101201
CAT-QuickHeal Trojan.FraudPack.bkyc 20101201
ClamAV BC.Heuristic.Trojan.SusPacked.TMS 20101201
Command W32/Katusha.D.gen!Eldorado 20101201
Comodo Win32.PkdKrap.AS 20101201
DrWeb Trojan.DownLoader1.20708 20101201
Emsisoft Trojan.Win32.FakeAV!IK 20101201
eSafe Win32.FakeAlert.Pf 20101201
eTrust-Vet Win32/FakeAV.M!generic 20101201
F-Prot W32/Katusha.D.gen!Eldorado 20101130
F-Secure Gen:Variant.Kazy.590 20101201
Fortinet W32/FraudPack.BKYC!tr 20101201
GData Gen:Variant.Kazy.590 20101201
Ikarus Trojan.Win32.FakeAV 20101201
Jiangmin Trojan/FraudPack.edh 20101201
K7AntiVirus Trojan 20101201
Kaspersky Trojan.Win32.FraudPack.bkyc 20101201
McAfee FakeAlert-PK.b 20101201
McAfee-GW-Edition FakeAlert-PK.b 20101201
Microsoft Rogue:Win32/FakeRean 20101201
NOD32 a variant of Win32/Kryptik.GUB 20101201
Norman W32/Suspicious_Gen2.DJQEZ 20101201
nProtect Gen:Variant.Kazy.590 20101201
Panda Trj/Zlob.KH 20101201
PCTools Trojan.FakeAV 20101201
Rising Trojan.Win32.Generic.5233BB62 20101201
Sophos AV Mal/FakeAV-EI 20101201
SUPERAntiSpyware Trojan.Agent/Gen 20101201
Symantec Trojan.FakeAV!gen32 20101201
TheHacker Trojan/FraudPack.bkyc 20101201
TrendMicro TROJ_FAKEAV.SMZU 20101201
TrendMicro-HouseCall TROJ_FAKEAV.SMZU 20101201
VBA32 Malware-Cryptor.General.35 20101201
VIPRE LooksLike.Win32.Malware!D (v) 20101201
VirusBuster Trojan.FraudPack!JxkDIpWBoEQ 20101201
Prevx 20101201
ViRobot 20101201
The file being studied is a Portable Executable file. More specifically, it is an unknown file.
PE header basic information
Number of sections 8
PE sections
PE imports
ChangeServiceConfig2A
CreateServiceA
GetSecurityDescriptorControl
InitializeSecurityDescriptor
LookupAccountSidA
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
ContinueDebugEvent
CreateDirectoryA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExpandEnvironmentStringsA
FindFirstFileA
FreeEnvironmentStringsA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStdHandle
GetStringTypeA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetThreadLocale
GetTimeZoneInformation
GetVersionExA
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadWritePtr
IsValidCodePage
LCMapStringA
LeaveCriticalSection
LoadResource
LocalAlloc
Module32First
MulDiv
MultiByteToWideChar
OpenEventA
QueryPerformanceCounter
ReadFile
RemoveDirectoryA
ResetEvent
SetCurrentDirectoryA
SetErrorMode
SetEvent
SetFileAttributesA
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
lstrcatA
lstrlenA
CharUpperA
CopyRect
CreateDialogParamA
CreateWindowExA
DialogBoxParamA
EnumChildWindows
FindWindowA
GetActiveWindow
GetCursorPos
GetDesktopWindow
GetDlgItem
GetSysColorBrush
GetWindowLongA
GetWindowTextA
InvalidateRect
IsDlgButtonChecked
IsWindowVisible
KillTimer
MessageBoxA
MsgWaitForMultipleObjects
PostMessageA
SetDlgItemTextA
SetWindowTextA
ShowWindow
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
File identification
MD5 e0bb0e49fed8a2b4e1d926e2e2a59eae
SHA1 daeb7719f595bc54631135b94f79652a7027006c
SHA256 61e6b53976f68292caf0b4c5cb29ee1f03ca0a8ffc47dbdd3fb06eda70d3ed16
ssdeep
3072:BGaehpGfsBOxtXEfWUg7AJPEXsbnrL3IFcrt4IW1t5KRnAufh8rTBo5kRcBlkG:XfJjXEexAJPEXggyrt4rLKqufh8PBOwc

File size 174.5 KB ( 178688 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
VirusTotal metadata
First submission 2010-09-18 18:26:12 UTC ( 7 years, 2 months ago )
Last submission 2010-12-01 16:19:52 UTC ( 7 years ago )
File names CShB_GmDuN.xlt
aa
bV94o73Oa.doc
Behaviour characterization