SHA256: 8794f0dadb5ff8ec639be88c410505dcc5cc8247eac03315fbf706728e34856e
Detection ratio: 28 / 40
Analysis date: 2010-06-17 18:41:31 UTC ( 8 years, 2 months ago )
Antivirus Result Update
a-squared Trojan-Banker.Win32.Banker!IK 20100617
AhnLab-V3 Win-Trojan/Banker.522752.L 20100617
AntiVir TR/Banker.Banker.awbt 20100617
Authentium W32/Downloader.F.gen!Eldorado 20100617
Avast Win32:Rootkit-gen 20100617
Avast5 Win32:Rootkit-gen 20100617
AVG PSW.Banker5.BCSK 20100617
BitDefender Trojan.Generic.KD.12011 20100617
CAT-QuickHeal TrojanBanker.Banker.awbt 20100617
Comodo TrojWare.Win32.PkdPECompact.~E 20100617
eSafe Win32.BHO.Nyc 20100617
F-Prot W32/Downloader.F.gen!Eldorado 20100616
F-Secure Trojan.Generic.KD.12011 20100617
GData Trojan.Generic.KD.12011 20100617
Ikarus Trojan-Banker.Win32.Banker 20100617
Jiangmin Trojan/Banker.Banker.jpr 20100615
Kaspersky Trojan-Banker.Win32.Banker.awbt 20100617
McAfee PWS-Banker!got 20100617
McAfee-GW-Edition Artemis!A3AC9C0231E2 20100616
NOD32 a variant of Win32/BHO.NYC 20100617
Panda Trj/CI.A 20100617
PCTools Trojan-PSW.Bancos 20100617
Prevx Medium Risk Malware 20100617
Sunbelt Trojan.Win32.Generic!BT 20100617
Symantec Infostealer.Bancos 20100617
TheHacker Trojan/BHO.nyc 20100617
VBA32 Trojan-Banker.Win32.Banker.awia 20100617
VirusBuster Trojan.PWS.Banker.CVIF 20100617
Antiy-AVL 20100617
ClamAV 20100617
DrWeb 20100617
eTrust-Vet 20100617
Fortinet 20100617
Microsoft 20100617
Norman 20100616
Rising 20100617
Sophos AV 20100617
TrendMicro 20100617
TrendMicro-HouseCall 20100617
ViRobot 20100617
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
RegQueryValueExA
_TrackMouseEvent
UnrealizeObject
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
IsEqualGUID
SysFreeString
GetKeyboardType
VerQueryValueA
InternetSetOptionA
File identification
MD5 a3ac9c0231e2e662d05d59f1a005a459
SHA1 03c4ed50f0019fa9903ff366d7d42dcf15469c77
SHA256 8794f0dadb5ff8ec639be88c410505dcc5cc8247eac03315fbf706728e34856e
ssdeep
12288:7U1pwqY/HbnxN0zgw1p+35RSAxatPEuEVIDQoxD3FwQjyR8wwI:7UPa/7z0zgm+3fRAtcu4OkDR8ww

File size 510.5 KB ( 522752 bytes )
File type unknown
Magic literal

TrID Win32 EXE PECompact compressed (v2.x) (51.2%)
Win32 EXE PECompact compressed (generic) (36.0%)
Win32 Executable Generic (7.3%)
Win16/32 Executable Delphi generic (1.7%)
Generic Win/DOS Executable (1.7%)
VirusTotal metadata
First submission 2010-05-13 17:08:17 UTC ( 8 years, 3 months ago )
Last submission 2010-06-17 18:41:31 UTC ( 8 years, 2 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight