SHA256: 6f4f4b844d083b6e8e7c1c0129080ab2a9769dc1ef12dda5819b1912a0d9714a
File name: 6C9820A6004EB41E6A0A0269BDBFDF001E27C321.exe
Detection ratio: 14 / 40
Analysis date: 2010-05-16 01:56:21 UTC ( 8 years, 7 months ago )
| Antivirus | Result | Update |
|---|---|---|
| Authentium | W32/Rimecud.I.gen!Eldorado | 20100515 |
| AVG | Cryptic.PH | 20100515 |
| BitDefender | Gen:Variant.Rimecud.2 | 20100516 |
| Comodo | P2PWorm.Win32.Palevo.GZA | 20100516 |
| F-Prot | W32/Rimecud.I.gen!Eldorado | 20100515 |
| F-Secure | Gen:Variant.Rimecud.2 | 20100515 |
| GData | Gen:Variant.Rimecud.2 | 20100516 |
| Jiangmin | Heur:Trojan/Pakes | 20100515 |
| Microsoft | Worm:Win32/Rimecud.B | 20100514 |
| NOD32 | a variant of Win32/Peerfrag.HH | 20100515 |
| nProtect | Gen:Variant.Rimecud.2 | 20100515 |
| TrendMicro | Mal_Palevo5 | 20100515 |
| TrendMicro-HouseCall | Mal_Palevo5 | 20100516 |
| VBA32 | Malware-Cryptor.Win32.Limpopo | 20100514 |
| a-squared | | 20100510 |
| AhnLab-V3 | | 20100515 |
| AntiVir | | 20100514 |
| Antiy-AVL | | 20100514 |
| Avast | | 20100515 |
| Avast5 | | 20100515 |
| CAT-QuickHeal | | 20100515 |
| ClamAV | | 20100515 |
| DrWeb | | 20100516 |
| eSafe | | 20100513 |
| eTrust-Vet | | 20100515 |
| Fortinet | | 20100515 |
| Ikarus | | 20100515 |
| Kaspersky | | 20100516 |
| McAfee | | 20100516 |
| McAfee-GW-Edition | | 20100515 |
| Norman | | 20100515 |
| Panda | | 20100515 |
| PCTools | | 20100516 |
| Rising | | 20100514 |
| Sophos AV | | 20100516 |
| Sunbelt | | 20100516 |
| Symantec | | 20100516 |
| TheHacker | | 20100514 |
| ViRobot | | 20100515 |
| VirusBuster | | 20100515 |
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
CloseHandle
CompareFileTime
CreateEventW
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileW
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FindResourceA
FindResourceW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetConsoleOutputCP
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeThread
GetFileAttributesA
GetFileAttributesW
GetFileSize
GetLocalTime
GetLocaleInfoW
GetProcAddress
GetProcessHeap
GetStringTypeExA
GetSystemDefaultLCID
GetSystemDirectoryA
GetTempPathW
GetUserDefaultLangID
GetVersion
GetVersionExW
GetWindowsDirectoryA
GlobalAddAtomA
GlobalHandle
GlobalLock
GlobalUnlock
HeapCreate
HeapFree
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsDBCSLeadByte
IsDebuggerPresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryW
LocalFileTimeToFileTime
MapViewOfFile
MoveFileA
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
RaiseException
SetFileAttributesW
SetFileTime
SetHandleCount
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
lstrcmpA
CharLowerA
CharNextA
CheckMenuItem
CloseClipboard
CreateMenu
DialogBoxParamA
DrawFrameControl
DrawIcon
EnableMenuItem
EndDialog
EndPaint
EnumThreadWindows
EnumWindows
EqualRect
FindWindowA
FrameRect
GetClassInfoA
GetClientRect
GetCursorPos
GetDCEx
GetDesktopWindow
GetDlgItem
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemID
GetMessagePos
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
InsertMenuA
InvalidateRect
IsChild
IsIconic
IsWindowEnabled
IsZoomed
KillTimer
LoadStringA
MapWindowPoints
MessageBeep
MessageBoxA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
RegisterWindowMessageA
ScreenToClient
ScrollWindow
SendMessageA
SetForegroundWindow
SetRect
SetScrollPos
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowWindow
SystemParametersInfoA
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WindowFromPoint
File identification
MD5 8ee5f4949bc29cb9ec50b31663fee93a
SHA1 fccdb388442f57e3174ceb7696affd9030738d5f
SHA256 6f4f4b844d083b6e8e7c1c0129080ab2a9769dc1ef12dda5819b1912a0d9714a
ssdeep
3072:69lqBGMyAUcCrYlfHAAxBhzOfILDGgoz1J2rCl3RhGs5mrE/rT1COYtx2jGMm:6rqBU2fgAZw2Ton26hG8mQzTcOjG

File size 154.5 KB ( 158208 bytes )
File type unknown
Magic literal

TrID Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
VirusTotal metadata
First submission 2010-05-16 01:56:21 UTC ( 8 years, 7 months ago )
Last submission 2010-05-16 01:56:21 UTC ( 8 years, 7 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight