SHA256: 761c0fe94e8e800fc8af3f5857f997cf045d9b9f930708e35e73d29c84416d70
Detection ratio: 24 / 41
Analysis date: 2010-05-11 17:10:44 UTC ( 7 years, 8 months ago )
Antivirus Result Update
a-squared Trojan.Win32.Fakeinit!IK 20100510
AhnLab-V3 Malware/Win32.Suspicious 20100510
AntiVir TR/Fakeinit.A.185 20100511
Avast Win32:Trojan-gen 20100511
Avast5 Win32:Trojan-gen 20100511
AVG SHeur3.VQD 20100511
BitDefender Trojan.Generic.KD.10730 20100511
Comodo TrojWare.Win32.FakeAV.~IS 20100511
DrWeb Trojan.Fakealert.14931 20100511
F-Secure Trojan.Generic.KD.10730 20100511
GData Trojan.Generic.KD.10730 20100511
Ikarus Trojan.Win32.Fakeinit 20100511
McAfee Suspect-1B!149E3B8E94A9 20100511
Microsoft Trojan:Win32/Fakeinit 20100511
NOD32 Win32/Adware.SecurityEssentials 20100511
Norman W32/FakeAV.AM!genr 20100511
nProtect Trojan.Generic.KD.10730 20100511
Panda Generic Trojan 20100510
PCTools RogueAntiSpyware.CoreGuardAntivirus2009 20100511
Prevx High Risk Fraudulent Security Program 20100511
Sophos AV Mal/EncPk-NS 20100511
Sunbelt Trojan.Win32.Generic.pak!cobra 20100511
Symantec CoreGuardAntivirus2009 20100511
VirusBuster Trojan.Fakeinit.RCW 20100511
Antiy-AVL 20100511
Authentium 20100511
CAT-QuickHeal 20100511
ClamAV 20100511
eSafe 20100510
eTrust-Vet 20100511
F-Prot 20100511
Fortinet 20100511
Jiangmin 20100511
Kaspersky 20100511
McAfee-GW-Edition 20100511
Rising 20100511
TheHacker 20100511
TrendMicro 20100511
TrendMicro-HouseCall 20100511
VBA32 20100511
ViRobot 20100511
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
FileVersionInfo properties
Copyright Security essentials 101
Publisher Security essentials 101
Product Security essentials 101
Original name Security essentials 101
Internal name Security essentials 101
File version 1.5.0.0
Description Security essentials 101
Comments Security essentials 101
PE header basic information
Number of sections 6
PE sections
PE imports
RegQueryInfoKeyW
ConvertStringSidToSidW
LookupPrivilegeValueW
SetEntriesInAclW
InitializeAcl
GetTraceLoggerHandle
GetSidLengthRequired
DeregisterEventSource
RegNotifyChangeKeyValue
GetUserNameW
GetSidSubAuthorityCount
GetTokenInformation
OpenSCManagerA
AdjustTokenPrivileges
ChangeServiceConfigW
LookupAccountSidW
GetLengthSid
RegisterEventSourceW
SetSecurityDescriptorOwner
AddAce
RegOpenKeyExW
GetAclInformation
GetSecurityDescriptorOwner
RegCreateKeyExA
GetSecurityDescriptorLength
CreateThread
EnterCriticalSection
GetCommandLineA
GlobalLock
CreateEventA
GetDriveTypeW
WaitForSingleObject
GetACP
SetLastError
SetFileAttributesW
IsBadReadPtr
GetExitCodeThread
CreateDirectoryA
GetSystemInfo
GetVersionExA
FindResourceW
ExitProcess
SetEvent
FindResourceA
lstrcpynW
GetVersion
OpenMutexA
HeapFree
RtlUnwind
GetFileAttributesA
IsDebuggerPresent
UnmapViewOfFile
CreateFileW
DeleteCriticalSection
GetStartupInfoA
CreateEventW
OutputDebugStringW
GetProcessHeap
QueryPerformanceCounter
GetThreadLocale
VirtualAllocEx
IsBadWritePtr
GetCurrentProcessId
GetTickCount
OpenEventA
ResumeThread
OpenEventW
_vsnwprintf
wcscmp
srand
iswctype
strrchr
_wsplitpath
towupper
iswspace
tolower
_access
_exit
qsort
_onexit
strlen
_CIacos
fseek
bsearch
_purecall
_c_exit
_write
_lock
memcpy
atol
towlower
__2@YAPAXI@Z
__badioinfo
swscanf
__p__fmode
__p__osver
wcsstr
GetRunningObjectTable
OleRun
IIDFromString
CreateOleAdviseHolder
StgOpenStorage
CoImpersonateClient
CreateBindCtx
StringFromGUID2
CoGetApartmentID
CoInitialize
OleRegGetMiscStatus
OleSaveToStream
CoTaskMemAlloc
CoCreateInstance
PropVariantCopy
CoGetInterfaceAndReleaseStream
CoMarshalInterface
StringFromIID
WriteClassStm
CoCreateInstanceEx
CoGetObjectContext
CreateILockBytesOnHGlobal
CoUninitialize
ProgIDFromCLSID
MkParseDisplayName
CoSetProxyBlanket
OleLoadFromStream
CLSIDFromProgID
CoRegisterClassObject
CoFreeUnusedLibraries
CoGetMalloc
VariantCopy
SysAllocStringLen
SafeArrayCreate
VariantCopyInd
SysFreeString
SysReAllocStringLen
VariantInit
SafeArrayPutElement
VariantChangeType
SysStringByteLen
SafeArrayUnaccessData
SafeArrayGetLBound
RegisterTypeLib
CreateErrorInfo
SysAllocStringByteLen
GetErrorInfo
RpcBindingToStringBindingW
NdrDllUnregisterProxy
NdrDllGetClassObject
CStdStubBuffer_QueryInterface
NdrClientCall2
RpcStringFreeA
NdrDllCanUnloadNow
IUnknown_AddRef_Proxy
NdrOleAllocate
UuidCreate
UuidToStringA
UuidToStringW
NdrCStdStubBuffer_Release
RpcStringBindingComposeW
RpcServerUseProtseqEpW
RpcBindingVectorFree
RpcServerRegisterIfEx
SHGetFolderPathW
SHGetMalloc
CommandLineToArgvW
SHBrowseForFolderW
ShellExecuteA
SHGetSpecialFolderPathW
DragQueryFileW
DragQueryFileA
SHGetFileInfoW
SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListW
ShellExecuteW
GetWindowTextLengthW
GetClientRect
CharPrevW
RegisterWindowMessageW
EnableWindow
DispatchMessageA
SystemParametersInfoW
PostMessageW
SetFocus
GetMessageA
RedrawWindow
CreatePopupMenu
EnableMenuItem
IsIconic
MoveWindow
IntersectRect
ReleaseCapture
CharLowerW
GetDlgItemTextW
IsRectEmpty
CharUpperA
GetMessagePos
GetDlgCtrlID
CallWindowProcW
VerQueryValueA
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerFindFileW
File identification
MD5 149e3b8e94a987838a7ff0cb0d44dfba
SHA1 a6c671b5cab16f8e926c65ee42ef1d39a18c3a26
SHA256 761c0fe94e8e800fc8af3f5857f997cf045d9b9f930708e35e73d29c84416d70
ssdeep 24576:sGOYsqR6Syh6jnGFallP3dFAIxTFbTgYvVkfeXijdhU72bSVmbXuaGEIfngXJL:e26SyhUsallP3dFAgbTgYvG2Xij42bKm
File size 1.5 MB ( 1527296 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
VXD Driver (0.1%)
VirusTotal metadata
First submission 2010-05-08 07:45:42 UTC ( 7 years, 8 months ago )
Last submission 2010-05-11 17:10:44 UTC ( 7 years, 8 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight