× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 621583f75348fe4f9a97d44fc325a1283be3661774e50d6ac570433d23eeb22b
File name: InstallInternetProtection_611.exe
Detection ratio: 8 / 42
Analysis date: 2011-04-21 10:50:08 UTC ( 3 years, 2 months ago ) View latest
Antivirus Result Update
AntiVir TR/Crypt.XPACK.Gen 20110421
BitDefender Gen:Trojan.Heur.FU.quX@am@e97ci 20110421
F-Secure Gen:Trojan.Heur.FU.quX@am@e97ci 20110421
GData Gen:Trojan.Heur.FU.quX@am@e97ci 20110421
Kaspersky Trojan-Downloader.Win32.FraudLoad.zdul 20110421
Microsoft Rogue:Win32/Defmid 20110421
Panda Suspicious file 20110420
Prevx Medium Risk Malware 20110421
AVG 20110421
AhnLab-V3 20110421
Antiy-AVL 20110421
Avast 20110421
Avast5 20110421
CAT-QuickHeal 20110421
ClamAV 20110421
Commtouch 20110421
Comodo 20110421
DrWeb 20110421
Emsisoft 20110421
F-Prot 20110421
Fortinet 20110421
Ikarus 20110421
Jiangmin 20110421
K7AntiVirus 20110420
McAfee 20110421
McAfee-GW-Edition 20110420
NOD32 20110421
Norman 20110421
PCTools 20110420
Rising 20110421
SUPERAntiSpyware 20110421
Sophos 20110421
Symantec 20110421
TheHacker 20110421
TrendMicro 20110421
TrendMicro-HouseCall 20110421
VBA32 20110420
VIPRE 20110421
ViRobot 20110421
VirusBuster 20110421
eSafe 20110420
eTrust-Vet 20110421
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file.
PE header basic information
Number of sections 5
PE sections
PE imports
StartServiceW
IsWellKnownSid
ExtFloodFill
CreateFontW
GetCurrentPositionEx
OffsetClipRgn
LoadLibraryA
FreeEnvironmentStringsW
GetProcAddress
RtlMoveMemory
CompareStringW
SizeofResource
AssignProcessToJobObject
LockFile
AnimateWindow
CallMsgFilter
PE exports
File identification
MD5 f2ec9f5d199c2f452c6cb0b510f9a1c2
SHA1 450fd6e9abc31d8fbdf256fafa38410c3c0fb226
SHA256 621583f75348fe4f9a97d44fc325a1283be3661774e50d6ac570433d23eeb22b
ssdeep
3072:ufbW3ZGoWUuySqomGWASZ3iU0IrzuPIvDi5528hmWYp4Fa88rM/yzcLjWk:uatuySSZS/kuPoDi32NV4a8hyzcLjWk

File size 261.6 KB ( 267892 bytes )
File type Win32 DLL
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2011-04-21 10:50:08 UTC ( 3 years, 2 months ago )
Last submission 2011-04-28 15:11:53 UTC ( 3 years, 2 months ago )
File names InstallInternetProtection_611.exe
f2ec9f5d199c2f452c6cb0b510f9a1c2
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!