SHA256: 8110b790ea6600f8b712cc68b195302c450a3993df84f7163dbb7938d22e55d0
File name: Setup_34s11.exe
Detection ratio: 5 / 40
Analysis date: 2010-04-26 13:50:24 UTC ( 7 years, 6 months ago )
Antivirus Result Update
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Trojan.H 20100426
NOD32 a variant of Win32/Kryptik.DYG 20100426
Prevx High Risk Cloaked Malware 20100426
Sophos AV Mal/FakeAV-CX 20100426
Sunbelt VirTool.Win32.Obfuscator.hg!b (v) 20100426
a-squared 20100426
AhnLab-V3 20100426
AntiVir 20100426
Antiy-AVL 20100426
Authentium 20100425
Avast 20100426
Avast5 20100426
AVG 20100426
BitDefender 20100426
CAT-QuickHeal 20100426
ClamAV 20100426
Comodo 20100426
DrWeb 20100426
eSafe 20100425
eTrust-Vet 20100424
F-Prot 20100425
F-Secure 20100426
Fortinet 20100426
GData 20100426
Ikarus 20100426
Jiangmin 20100426
Kaspersky 20100426
McAfee 20100426
Microsoft 20100426
Norman 20100426
nProtect 20100426
Panda 20100425
PCTools 20100426
Rising 20100426
Symantec 20100426
TheHacker 20100426
TrendMicro 20100426
VBA32 20100426
ViRobot 20100426
VirusBuster 20100426
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 9
PE sections
PE imports
SafeArrayGetUBound
RegisterTypeLib
SysStringLen
SafeArrayPtrOfIndex
SysFreeString
OleLoadPicture
SafeArrayUnaccessData
SHStrDupA
PathIsDirectoryA
SHQueryValueExA
GetModuleHandleA
HeapAlloc
GetCommandLineA
LoadLibraryExA
GetVersionExA
GetStringTypeA
GetOEMCP
GlobalDeleteAtom
LoadLibraryA
GlobalAddAtomA
lstrlenA
GlobalFindAtomA
GetCurrentThreadId
LocalAlloc
GetSystemDefaultLangID
GetModuleFileNameA
HeapDestroy
SetLastError
GetStartupInfoA
GetACP
GetProcAddress
VirtualAlloc
GlobalAlloc
GetCurrentProcessId
VirtualAllocEx
RtlMoveMemory
FreeResource
WideCharToMultiByte
lstrcatA
GetCurrentProcess
File identification
MD5 cdab308d96996fc641ba3da56ef08f19
SHA1 eacc0f277b545661302de3b919e165ef94ca5874
SHA256 8110b790ea6600f8b712cc68b195302c450a3993df84f7163dbb7938d22e55d0
ssdeep
6144:DRN4JLPK4pQKrORwGvFMXfl56jVz26Anz4p9OOo:DRCVQKyWGvFMLu26AnEp8O

File size 206.0 KB ( 210944 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-04-26 12:41:14 UTC ( 7 years, 6 months ago )
Last submission 2011-07-16 02:47:47 UTC ( 6 years, 4 months ago )
File names CDAB308D96996FC641BA3DA56EF08F19
FYyIjT_5zj.tmp
aa