SHA256: 749e5e9a288018d0be42ea5e6b6616141dc0c70011546caa4794d5e91ce67e39
File name: 188b754ff7956ca2ca8a5ba2281510c7aaab8ec3
Detection ratio: 32 / 46
Analysis date: 2013-08-29 23:34:40 UTC ( 5 years, 2 months ago )
Antivirus Result Update
Yandex TrojanSpy.Zbot!KR3TN1YmSq0 20130829
AhnLab-V3 Spyware/Win32.Zbot 20130829
AntiVir TR/Kazy.174726 20130829
Antiy-AVL Trojan/Win32.Zbot.gen 20130829
Avast Win32:MalPack-G [Trj] 20130829
AVG PSW.Generic11.QLH 20130829
BitDefender Gen:Heur.Zygug.5 20130829
ByteHero Trojan.Malware.Obscu.Gen.002 20130829
CAT-QuickHeal TrojanPWS.Zbot.Gen 20130829
DrWeb Trojan.PWS.Panda.2977 20130829
Emsisoft Gen:Heur.Zygug.5 (B) 20130829
ESET-NOD32 Win32/Spy.Zbot.AAO 20130829
F-Secure Gen:Heur.Zygug.5 20130830
Fortinet W32/Zbot.AOV!tr 20130830
GData Gen:Heur.Zygug.5 20130830
Ikarus Trojan-Spy.Win32.Zbot 20130829
K7AntiVirus EmailWorm 20130829
K7GW EmailWorm 20130829
Kaspersky Trojan-Spy.Win32.Zbot.lsis 20130829
Malwarebytes Trojan.Zbot.FV 20130830
McAfee PWS-Zbot-FAXR!7226157089E2 20130830
McAfee-GW-Edition PWS-Zbot-FAXR!7226157089E2 20130829
Microsoft PWS:Win32/Zbot.gen!AJ 20130830
eScan Gen:Heur.Zygug.5 20130830
Norman Dorkbot.GUU 20130829
Panda Trj/Genetic.gen 20130829
Sophos AV Mal/EncPk-AKC 20130829
Symantec Trojan.Zbot 20130829
TrendMicro TROJ_GEN.RCBCDF5 20130829
TrendMicro-HouseCall TROJ_GEN.RCBCDF5 20130829
VBA32 BScope.Trojan.Zbot.3507 20130829
VIPRE Trojan.Win32.Zbot.fdm (v) 20130829
ClamAV 20130829
Commtouch 20130829
Comodo 20130829
F-Prot 20130830
Jiangmin 20130829
Kingsoft 20130829
NANO-Antivirus 20130829
nProtect 20130829
PCTools 20130829
Rising 20130829
SUPERAntiSpyware 20130829
TheHacker 20130829
TotalDefense 20130829
ViRobot 20130829
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
© 2004 Zon Lefugi. Vogycuj Eqixo Gutanag.

Publisher Forte Internet Software Inc.
Product Iziju
Version 6, 5
Original name Xpgybml.exe
Internal name Azyzib
File version 6, 5, 4
Description Obyny Azegew Ogequda
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-03-22 02:29:10
Entry Point 0x0001A437
Number of sections 5
PE sections
PE imports
GetPrivateProfileSectionNamesA
LocalReAlloc
GetSystemInfo
GetThreadPriorityBoost
SignalObjectAndWait
GetHandleInformation
GetVersionExA
WaitForSingleObjectEx
GetQueuedCompletionStatus
_lwrite
CreateEventA
MapViewOfFileEx
GetCommProperties
FoldStringW
GetCompressedFileSizeA
EnumResourceLanguagesA
SuspendThread
CompareStringW
FindResourceExA
ReleaseSemaphore
EnumDateFormatsExA
lstrcpyA
MulDiv
SetThreadAffinityMask
GetDiskFreeSpaceA
ExpandEnvironmentStringsA
EnumDateFormatsW
GetSystemTimeAdjustment
OpenEventW
GetLogicalDriveStringsW
FormatMessageA
BackupSeek
PrepareTape
SleepEx
CloseHandle
SHBindToParent
InternalExtractIconListA
RealShellExecuteW
SHGetNewLinkInfoA
DragQueryFileA
RealShellExecuteA
DdeSetQualityOfService
GetCursorPos
DrawFrame
DrawAnimatedRects
GetKeyboardLayoutNameA
SetLayeredWindowAttributes
GetInputState
GetMessageW
SetClassLongW
CreateIconIndirect
GetMonitorInfoA
RegisterWindowMessageA
CharPrevW
GetCaretPos
GetPropA
IMPGetIMEW
DdeImpersonateClient
IsCharAlphaW
CloseWindow
GetKBCodePage
DrawFrameControl
ScrollWindowEx
CopyAcceleratorTableW
CharUpperBuffA
ModifyMenuA
GetClassNameA
SetWindowLongA
SetCaretBlinkTime
ReuseDDElParam
PostMessageW
DestroyCaret
SetActiveWindow
DispatchMessageW
IsCharAlphaA
GetAsyncKeyState
SystemParametersInfoA
GetDlgCtrlID
GetClipCursor
DefFrameProcW
DrawFocusRect
HideCaret
DdeQueryNextServer
DrawIconEx
GetWindowPlacement
SubtractRect
DdeNameService
DrawMenuBar
AllowSetForegroundWindow
BringWindowToTop
IsHungAppWindow
BroadcastSystemMessageA
EnumDisplayDevicesW
MonitorFromRect
LoadAcceleratorsA
GetPriorityClipboardFormat
GetWindowTextLengthA
CreateAcceleratorTableA
CountClipboardFormats
DialogBoxIndirectParamW
MapVirtualKeyExW
IsChild
DeferWindowPos
UnregisterDeviceNotification
ArrangeIconicWindows
GetSystemMenu
UserHandleGrantAccess
MsgWaitForMultipleObjects
MapVirtualKeyExA
CharNextW
DefDlgProcW
ExitWindowsEx
PtInRect
Number of PE resources by type
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
THAI DEFAULT 2
PE resources
File identification
MD5 7226157089e2adbb64bcd280f392fab7
SHA1 188b754ff7956ca2ca8a5ba2281510c7aaab8ec3
SHA256 749e5e9a288018d0be42ea5e6b6616141dc0c70011546caa4794d5e91ce67e39
ssdeep
3072:MsUNmaVkce26hU1LhAAuZR7xg5g/IS538TxbGJgip2ixQcsXPGpZBwtNM8gbiJOS:MzqX+3AAuf7d/I8s9Y9xQxtW8gg7f64f

File size 186.5 KB ( 190976 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ (generic) (67.3%)
Win32 Dynamic Link Library (generic) (14.2%)
Win32 Executable (generic) (9.7%)
Generic Win/DOS Executable (4.3%)
DOS Executable Generic (4.3%)
Tags
peexe

VirusTotal metadata
First submission 2013-08-29 23:34:40 UTC ( 5 years, 2 months ago )
Last submission 2013-08-29 23:34:40 UTC ( 5 years, 2 months ago )
File names 188b754ff7956ca2ca8a5ba2281510c7aaab8ec3
Azyzib
Xpgybml.exe