× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 84824963c0989568674f329e8dd92eb735f27609ef27e6352347288f62bf1d16
File name: npp.6.0.0.Installer_exe
Detection ratio: 32 / 42
Analysis date: 2012-04-15 19:08:09 UTC ( 2 years ago )
Antivirus Result Update
AVG Dropper.Agent.AV 20120415
AhnLab-V3 Win-Trojan/Agent.497642 20120415
AntiVir BDS/Beastdoor.205.A 20120415
Avast Win32:Agent-AHE [Trj] 20120415
BitDefender Trojan.Dropper.Agent.B 20120415
CAT-QuickHeal Win32.Trojan-Dropper.Agent.b.2.Pack 20120414
ClamAV Trojan.Dropper.Agent-71 20120415
Commtouch W32/Heuristic-210!Eldorado 20120414
Comodo TrojWare.Win32.TrojanDropper.Agent.B 20120415
DrWeb BackDoor.Beast.207 20120415
F-Prot W32/Heuristic-210!Eldorado 20120413
F-Secure Trojan.Dropper.Agent.B 20120415
Fortinet W32/Agent.B!tr 20120415
GData Trojan.Dropper.Agent.B 20120415
Ikarus Win32.SuspectCrc 20120415
Jiangmin TrojanDropper.Agent.bag 20120414
K7AntiVirus Trojan 20120414
Kaspersky Trojan-Dropper.Win32.Agent.b 20120415
McAfee BackDoor-AMQ 20120415
McAfee-GW-Edition Heuristic.LooksLike.Win32.SuspiciousPE.N 20120415
Microsoft TrojanDropper:Win32/Agent.B 20120415
NOD32 Win32/TrojanDropper.Agent.B 20120415
Norman Suspicious_F.gen.E 20120415
Panda Bck/Keylog.DQ 20120415
Sophos Troj/Multidr-EE 20120415
TrendMicro BKDR_BEASTY.A 20120415
TrendMicro-HouseCall BKDR_BEASTY.A 20120415
VBA32 TrojanDropper.Win32.Agent.b 20120413
ViRobot Dropper.Agent.270266 20120415
VirusBuster Trojan.DR.Agent.DQV 20120415
eTrust-Vet Win32/Ulysses.AF 20120413
nProtect Trojan.Dropper.Agent.B 20120415
Antiy-AVL 20120415
ByteHero 20120413
Emsisoft 20120415
PCTools 20120415
Rising 20120413
SUPERAntiSpyware 20120402
Symantec 20120415
TheHacker 20120414
VIPRE 20120415
eSafe 20120415
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
Packers identified
Command FSG
F-PROT embedded, NSIS, Unicode, FSG
PEiD FSG v2.0 -> bart/xt
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1987-09-11 01:35:02
Entry Point 0x00000154
Number of sections 2
PE sections
PE imports
LoadLibraryA, GetProcAddress
File identification
MD5 0916af77efc95add28e0abdd17b8a64c
SHA1 87b484d7f255ada3b58967be89e58c1c569337bb
SHA256 84824963c0989568674f329e8dd92eb735f27609ef27e6352347288f62bf1d16
ssdeep
98304:2avvXJNuEAwk9U71gS2EPY9eYF5Dm9JfY+woOUL9Jxg8ZcETD4+7ZFkCVCTizVMj:2aXySjvyeo5RuOqz+wkMbkCMMyMMH

File size 5.3 MB ( 5574272 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable Generic (67.9%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Targa bitmap (Original TGA Format) (0.0%)
MS Flight Simulator Aircraft Performance Info (0.0%)
Tags
nsis fsg

VirusTotal metadata
First submission 2012-04-15 19:08:09 UTC ( 2 years ago )
Last submission 2012-04-15 19:08:09 UTC ( 2 years ago )
File names npp.6.0.0.Installer_exe
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!