× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 788a268851dd24b9a06bbfba10965713d15205867da30252afb25e913bfb696f
File name: aa
Detection ratio: 38 / 40
Analysis date: 2010-05-13 16:54:54 UTC ( 8 years, 7 months ago )
Antivirus Result Update
a-squared Trojan-PWS.Win32.QQPass!IK 20100510
AhnLab-V3 Trojan/Win32.QQPass 20100513
AntiVir TR/PSW.QQpass.ssz 20100513
Antiy-AVL Trojan/Win32.QQPass.gen 20100513
Authentium W32/Nilage.gen!GSA 20100513
Avast Win32:Trojan-gen 20100513
Avast5 Win32:Trojan-gen 20100513
AVG PSW.Generic7.BWDA 20100513
BitDefender Trojan.Generic.3597899 20100513
CAT-QuickHeal Win32.Packed.TDSS.c.4 20100513
Comodo TrojWare.Win32.PSW.OnlineGames.pbg0 20100513
DrWeb Trojan.PWS.Gamania.24903 20100513
eSafe Win32.TRDropper 20100513
eTrust-Vet Win32/ASuspect.HDFLJ 20100513
F-Prot W32/Nilage.gen!GSA 20100513
F-Secure Trojan.Generic.3597899 20100513
GData Trojan.Generic.3597899 20100513
Ikarus Trojan-PWS.Win32.QQPass 20100513
Jiangmin Trojan/PSW.QQPass.yrk 20100513
Kaspersky Trojan-PSW.Win32.QQPass.sha 20100513
McAfee Generic PWS.sf 20100513
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Dropper.H 20100513
Microsoft Trojan:Win32/Malagent 20100513
NOD32 a variant of Win32/PSW.OnLineGames.PBG 20100513
Norman W32/Smalldrp.AYIE 20100513
nProtect Trojan.Generic.3597899 20100513
Panda Trj/QQPass.QV 20100512
PCTools Adware.MemoryMeter 20100513
Rising Trojan.Win32.Generic.51FDE289 20100513
Sophos AV Mal/Behav-112 20100513
Sunbelt Trojan.Win32.Generic!BT 20100513
Symantec Infostealer.Gampass 20100513
TheHacker Trojan/PSW.QQPass.sha 20100513
TrendMicro WORM_FRETHOG.LR 20100513
TrendMicro-HouseCall WORM_FRETHOG.LR 20100513
VBA32 Trojan-PSW.Win32.QQPass.sha 20100513
ViRobot Trojan.Win32.PSWQQPass.65024.B 20100513
VirusBuster Trojan.PWS.QQPass.KJH 20100513
ClamAV 20100513
Fortinet 20100513
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
Process32First
CreateToolhelp32Snapshot
SizeofResource
SetHandleCount
LoadResource
FindResourceA
GetModuleHandleA
FreeLibrary
GetProcAddress
CompareStringA
OpenProcess
WinExec
WriteFile
CreateFileA
GetCommandLineA
CopyFileA
DeleteFileA
GetTickCount
GetSystemDirectoryA
Process32Next
GetCurrentProcess
LoadLibraryA
CloseHandle
fclose
fread
fseek
fopen
sprintf
strcat
rename
fputc
fwrite
strcpy
memset
File identification
MD5 2682f0b4f1458282a0784290d4cb95d3
SHA1 1d102104fca956df4c0cb4267a045aa69d0a1ba4
SHA256 788a268851dd24b9a06bbfba10965713d15205867da30252afb25e913bfb696f
ssdeep
768:k0S8LyzSEQjBdvYtdwcoav1V5W9y6/TMV+2r:kT87FwBkTMV+2

File size 37.5 KB ( 38400 bytes )
File type unknown
Magic literal

TrID Windows Screen Saver (39.4%)
Win32 Executable Generic (25.6%)
Win32 Dynamic Link Library (generic) (22.8%)
Generic Win/DOS Executable (6.0%)
DOS Executable Generic (6.0%)
VirusTotal metadata
First submission 2010-04-07 18:31:16 UTC ( 8 years, 8 months ago )
Last submission 2010-05-13 16:54:54 UTC ( 8 years, 7 months ago )
File names AO5N.msc
aa
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!