× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 70b9ad461149048069bc2bf23cc00eaa383d28b6589a4774726466be7999280e
File name: 4966bc4e0c80e9fc40598e963d3ca2ed4ea50711
Detection ratio: 33 / 50
Analysis date: 2014-04-04 19:30:30 UTC ( 3 years ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.1617339 20140404
Yandex Trojan.VBKrypt!ZT7qBLuNtbQ 20140404
AntiVir TR/VBKrypt.uqjty 20140404
Antiy-AVL Trojan/Win32.VBKrypt 20140404
Avast Win32:Zbot-TDJ [Trj] 20140404
AVG Zbot.GMW 20140404
BitDefender Trojan.GenericKD.1617339 20140404
Bkav HW32.CDB.B7e1 20140404
ByteHero Virus.Win32.Heur.p 20140404
CAT-QuickHeal Trojan.VBInject.acy 20140404
DrWeb BackDoor.Andromeda.267 20140404
Emsisoft Trojan.GenericKD.1617339 (B) 20140404
ESET-NOD32 a variant of Win32/Injector.BAKG 20140404
F-Secure Trojan.GenericKD.1617339 20140404
Fortinet W32/Agent.ADBJ!tr 20140404
GData Trojan.GenericKD.1617339 20140404
Ikarus Trojan.VBInject 20140404
K7AntiVirus Trojan ( 0001140e1 ) 20140404
K7GW Trojan ( 0001140e1 ) 20140404
Kaspersky Trojan.Win32.VBKrypt.uqjt 20140404
Kingsoft Win32.Troj.Generic.a.(kcloud) 20140404
Malwarebytes Trojan.Crypt.NKN 20140404
McAfee BackDoor-FBWO 20140404
McAfee-GW-Edition BackDoor-FBWO!DEDC9C746CC1 20140404
Microsoft VirTool:Win32/VBInject.ACY 20140404
eScan Trojan.GenericKD.1617339 20140404
Norman VBKrypt.ABSX 20140404
nProtect Trojan.GenericKD.1617339 20140404
Panda W32/Vobfus.GEP.worm 20140404
SUPERAntiSpyware Trojan.Agent/Gen-FalComp 20140404
Symantec Trojan.Zbot 20140404
TheHacker Trojan/Spy.Bebloh.k 20140404
VBA32 Trojan.VBKrypt 20140404
AegisLab 20140404
AhnLab-V3 20140404
Baidu-International 20140404
ClamAV 20140404
CMC 20140404
Commtouch 20140404
Comodo 20140404
F-Prot 20140404
Jiangmin 20140404
NANO-Antivirus 20140404
Qihoo-360 20140404
Rising 20140404
Sophos 20140404
TotalDefense 20140404
TrendMicro 20140404
TrendMicro-HouseCall 20140404
VIPRE 20140404
ViRobot 20140404
File identification
MD5 dedc9c746cc1a956db37935804177e83
SHA1 4966bc4e0c80e9fc40598e963d3ca2ed4ea50711
SHA256 70b9ad461149048069bc2bf23cc00eaa383d28b6589a4774726466be7999280e

File size 300.7 KB ( 307932 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Microsoft Visual Basic 6 (90.5%)
Win32 Executable (generic) (4.9%)
Generic Win/DOS Executable (2.2%)
DOS Executable Generic (2.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

VirusTotal metadata
First submission 2014-04-04 19:30:30 UTC ( 3 years ago )
Last submission 2014-04-04 19:30:30 UTC ( 3 years ago )
File names 4966bc4e0c80e9fc40598e963d3ca2ed4ea50711
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Created processes
Code injections in the following processes
Opened mutexes
Hooking activity
Runtime DLLs
Additional details
The file sends control codes directly to certain device drivers making use of the DeviceIoControl Windows API function.
The file installs an application-defined hook procedure into a hook chain. You would install a hook procedure to monitor the system for certain types of events. These events are associated either with a specific thread or with all threads in the same desktop as the calling thread. This is done making use of the SetWindowsHook Windows API function.