SHA256: 67953569d6bd22caa5deedbed8e417884c8c5dac4c077e647ad84b2ec2be1b51
File name: smona124847278790688693913
Detection ratio: 5 / 42
Analysis date: 2009-07-25 00:34:25 UTC ( 8 years, 4 months ago )
Antivirus Result Update
McAfee+Artemis Artemis!D9A878871B90 20090724
Microsoft VirTool:Win32/Obfuscator.GD 20090724
NOD32 a variant of Win32/Kryptik.XS 20090724
NOD32Beta a variant of Win32/Kryptik.XS 20090724
Sophos AV Mal/EncPk-JB 20090724
a-squared 20090724
AhnLab-V3 20090724
AntiVir 20090724
Antiy-AVL 20090724
Authentium 20090724
Avast 20090724
AVG 20090724
BitDefender 20090724
CAT-QuickHeal 20090724
ClamAV 20090724
Comodo 20090725
DrWeb 20090724
eSafe 20090723
eTrust-Vet 20090724
F-Prot 20090724
F-Secure 20090724
Fortinet 20090724
GData 20090724
Ikarus 20090724
Jiangmin 20090724
K7AntiVirus 20090724
Kaspersky 20090725
McAfee 20090724
McAfee-GW-Edition 20090724
Norman 20090724
nProtect 20090724
Panda 20090724
PCTools 20090724
Prevx 20090725
Rising 20090724
Sunbelt 20090723
Symantec 20090725
TheHacker 20090724
TrendMicro 20090724
VBA32 20090724
ViRobot 20090724
VirusBuster 20090724
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
Packers identified
PEiD Armadillo v1.71
PE header basic information
Number of sections 4
PE sections
PE imports
GetTextColor
GetDeviceCaps
SetPixel
GetObjectA
GetStockObject
CreateFontIndirectA
PatBlt
DeleteObject
BitBlt
GetTextMetricsA
CreateSolidBrush
SelectObject
MoveToEx
GetBkColor
GetTextExtentPoint32A
GetPixel
SetROP2
LineTo
ExtTextOutA
GetProcAddress
LoadLibraryA
GetVersion
GlobalAlloc
GetModuleHandleA
GlobalFree
GetTickCount
LocalAlloc
memmove
_controlfp
_exit
wcschr
SetWindowTextA
DispatchMessageA
DialogBoxParamA
GetClientRect
ShowWindow
MessageBoxA
LoadIconA
GetFocus
GetSysColor
DestroyWindow
DefWindowProcA
GetWindowRect
ScreenToClient
PostQuitMessage
EndPaint
CreateWindowExA
SetFocus
EndDialog
BeginPaint
GetMessageA
File identification
MD5 d9a878871b90c68f4a1a155a3015a8fe
SHA1 85dfe45d6e72e44faa632321306cdfcdf49229d6
SHA256 67953569d6bd22caa5deedbed8e417884c8c5dac4c077e647ad84b2ec2be1b51
ssdeep
1536:/JdebbhX8Wrfb/ZdT2jP8GNHNNyFPLOWZPsUxj4SEae0Nib0JfCZ32Q7LkP6eWQC:7eKW3X2jPRqF6WCtG+0JfaTC6e1mEX

File size 111.0 KB ( 113664 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2009-07-25 00:02:05 UTC ( 8 years, 4 months ago )
Last submission 2009-07-27 17:35:38 UTC ( 8 years, 3 months ago )
File names aa
J_an.tiff
Behaviour characterization