× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 669e89b1c4a06b5c4bfe5bd9b6c3d562382e5dc11ad30c286e71c3225768ae4d
File name: B19A622F7446F97D54ED5C15FF117C83
Detection ratio: 34 / 43
Analysis date: 2011-08-15 02:28:51 UTC ( 6 years, 4 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Malware.26624.R 20110814
AntiVir TR/Crypt.XPACK.Gen 20110815
Avast Win32:Malware-gen 20110815
Avast5 Win32:Malware-gen 20110815
AVG Generic16.BFDG 20110814
BitDefender Gen:Malware.Heur.bqW@b46O4yl 20110815
Commtouch W32/Trojan2.MVPR 20110814
Comodo TrojWare.Win32.Trojan.Agent.Gen 20110814
DrWeb Trojan.Fakealert.12334 20110815
Emsisoft Trojan-Downloader.Win32.Onestage!IK 20110815
eSafe Win32.TRCrypt.XPACK 20110814
eTrust-Vet Win32/JustProtectPc.A 20110812
F-Prot W32/Trojan2.MVPR 20110814
F-Secure Gen:Malware.Heur.bqW@b46O4yl 20110815
GData Gen:Malware.Heur.bqW@b46O4yl 20110815
Ikarus Trojan-Downloader.Win32.Onestage 20110815
Jiangmin TrojanDownloader.Onestage.an 20110814
K7AntiVirus Trojan 20110812
Kaspersky Trojan-Downloader.Win32.Onestage.anw 20110815
McAfee Generic FakeAlert!ee 20110815
McAfee-GW-Edition Generic FakeAlert!ee 20110815
Microsoft Rogue:Win32/FakeXPA 20110814
NOD32 Win32/Adware.NoNameAntivirus.A 20110815
nProtect Trojan-Downloader/W32.Onestage.26624 20110814
Panda Generic Trojan 20110814
PCTools RogueAntiSpyware.VirusResponseLab 20110815
Rising Trojan.Win32.Generic.11F393D9 20110812
Sophos AV Mal/EncPk-NR 20110815
SUPERAntiSpyware Trojan.Agent/Gen 20110813
Symantec Downloader.MisleadApp 20110815
VBA32 Trojan-Downloader.Win32.Onestage.anw 20110813
VIPRE Trojan.Win32.Generic!BT 20110815
ViRobot Trojan.Win32.S.Downloader.26624.T 20110814
VirusBuster Trojan.DL.Onestage!Ganj5Ai4pxs 20110814
Antiy-AVL 20110814
CAT-QuickHeal 20110813
ClamAV 20110814
Fortinet 20110815
Norman 20110814
Prevx 20110815
TheHacker 20110813
TrendMicro 20110815
TrendMicro-HouseCall 20110815
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
CompareFileTime
EnumSystemLocalesW
GetAtomNameW
DeleteFileW
EndUpdateResourceW
VirtualProtect
ExitProcess
GetDriveTypeW
GetAtomNameW
GetDateFormatW
GetModuleHandleW
File identification
MD5 b19a622f7446f97d54ed5c15ff117c83
SHA1 3ec8cf981e88b189ed9dda84c3bb1e4417ee4e2f
SHA256 669e89b1c4a06b5c4bfe5bd9b6c3d562382e5dc11ad30c286e71c3225768ae4d
ssdeep
384:TbHS7iStzhtDhlGLuNQjxiP+1qg9arhHqzuwTNeFIyeojufVEgcbX5E7IUQO3xPl:TIXvQj4Aqg9sMuw8n9qfVETXsPl

File size 26.0 KB ( 26624 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (62.9%)
Win32 Executable Generic (14.2%)
Win32 Dynamic Link Library (generic) (12.6%)
Clipper DOS Executable (3.3%)
Generic Win/DOS Executable (3.3%)
VirusTotal metadata
First submission 2010-02-05 23:28:11 UTC ( 7 years, 10 months ago )
Last submission 2011-08-15 02:28:51 UTC ( 6 years, 4 months ago )
File names B19A622F7446F97D54ED5C15FF117C83
aa
LYV8.tgz
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!