× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6ec8152b49339e2184e07c609fe121c9a6fd93c13de531a99eef381b53bf260c
File name: RAJ7Q.jpeg
Detection ratio: 31 / 42
Analysis date: 2010-03-24 18:10:06 UTC ( 7 years, 10 months ago )
Antivirus Result Update
a-squared Rkit!IK 20100324
AntiVir Rkit/Agent.dioi 20100324
Antiy-AVL Trojan/Win32.Agent.gen 20100324
Authentium W32/Koobface.K.gen!Eldorado 20100324
Avast Win32:Agent-AJGQ 20100324
Avast5 Win32:Agent-AJGQ 20100324
AVG Generic16.BQHK 20100324
CAT-QuickHeal Trojan.Meredrop 20100324
Comodo TrojWare.Win32.TrojanDropper.Agent.bnxh 20100324
DrWeb Win32.HLLW.Facebook.583 20100324
eSafe Win32.Koobface.A 20100324
F-Prot W32/Koobface.K.gen!Eldorado 20100323
Fortinet W32/Agent.MNW!tr 20100324
GData Win32:Agent-AJGQ 20100324
Ikarus Rkit 20100324
K7AntiVirus Trojan.Win32.Malware.1 20100322
McAfee Generic Proxy!r 20100324
McAfee+Artemis Artemis!7D32A8C06AEA 20100324
McAfee-GW-Edition Rootkit.Agent.dioi 20100324
Microsoft Trojan:Win32/Meredrop 20100324
NOD32 a variant of Win32/Tinxy.AZ 20100324
Norman W32/Koobface.GFA 20100324
Panda W32/Koobface.IZ.worm 20100324
PCTools Net-Worm.Koobface 20100324
Prevx Medium Risk Malware 20100324
Rising Trojan.Win32.Generic.51F99FA4 20100324
Sophos AV Troj/Agent-MNW 20100324
Sunbelt Trojan.Win32.Meredrop 20100322
Symantec W32.Koobface.A 20100324
TrendMicro TROJ_AGENT.AVFD 20100324
VirusBuster Trojan.Meredrop.UXG 20100324
AhnLab-V3 20100324
BitDefender 20100324
ClamAV 20100324
eTrust-Vet 20100324
F-Secure 20100324
Jiangmin 20100324
Kaspersky 20100324
nProtect 20100324
TheHacker 20100324
VBA32 20100324
ViRobot 20100324
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Copyright
Copyright(c) 1992-1993 CSoft Development

Publisher CSoft Development
Product Spy
Original name kb81920.so
Internal name kb81920.so
File version 6.38.13
Description User Master FTP Nokia Quick
PE header basic information
Number of sections 4
PE sections
PE imports
RegOpenKeyExA
LoadResource
GetTickCount
WriteFile
Sleep
SizeofResource
GetSystemDirectoryA
lstrcatA
GetLastError
GetProcAddress
LoadLibraryA
LockResource
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetCurrentProcessId
GetTempPathA
FindResourceA
GetStdHandle
DeleteTimerQueue
ReleaseMutex
GetVersion
ResumeThread
GetSystemInfo
VirtualProtect
HeapSize
LCMapStringW
LCMapStringA
lstrcpyA
CreateFileA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
GetStartupInfoA
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
SetLastError
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetFilePointer
HeapAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
SetStdHandle
QueryPerformanceCounter
GetSystemTimeAsFileTime
FlushFileBuffers
CharToOemA
GetGuiResources
OpenIcon
IsWindow
DestroyWindow
9 more function(s) imported by ordinal)
File identification
MD5 7d32a8c06aea63c4116f726900b548e6
SHA1 bd0e11d70aa86c6e037a06cb57129b1a201fe74f
SHA256 6ec8152b49339e2184e07c609fe121c9a6fd93c13de531a99eef381b53bf260c
ssdeep
3072:HK3w8EkODDzRI59iygIDviUm9jV6MQT8i6RN25TEIkooilAdvxJk/jWntqlXsL0:q3w8EFLRI59ijIDaUCjlc8ieNOTcvxoN

File size 190.5 KB ( 195072 bytes )
File type unknown
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (62.9%)
Win32 Executable Generic (14.2%)
Win32 Dynamic Link Library (generic) (12.6%)
Clipper DOS Executable (3.3%)
Generic Win/DOS Executable (3.3%)
VirusTotal metadata
First submission 2010-02-16 21:07:06 UTC ( 7 years, 11 months ago )
Last submission 2010-03-24 18:10:06 UTC ( 7 years, 10 months ago )
File names RAJ7Q.jpeg
qD7BH0SI.docx
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!