SHA256: 8a43dbcab2f67f82e1963b860c76026620e7cf465851fdce07eca7c40b78cbf9
File name: sample_19866be13773117f0a5a8165e487dacb
Detection ratio: 34 / 44
Analysis date: 2011-09-22 07:29:04 UTC ( 6 years, 5 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Krap.39936.AV 20110921
AntiVir TR/Crypt.XPACK.Gen 20110921
Avast Win32:MalOb-BH [Cryp] 20110922
Avast5 Win32:MalOb-BH [Cryp] 20110922
AVG FakeAV.BJJ 20110921
BitDefender Trojan.Generic.KD.10015 20110922
ByteHero Trojan.Malware.Obscu.Gen.002 20110913
CAT-QuickHeal Trojan.Krap.ar 20110922
Commtouch W32/SuspPack.DC.gen!Eldorado 20110922
Comodo TrojWare.Win32.PkdKrap.ar 20110922
Emsisoft Packed.Win32.Krap!IK 20110922
F-Prot W32/SuspPack.DC.gen!Eldorado 20110921
F-Secure Trojan.Generic.KD.10015 20110922
Fortinet W32/Krap.AR!tr 20110922
GData Trojan.Generic.KD.10015 20110922
Ikarus Packed.Win32.Krap 20110922
Jiangmin Packed.Krap.cdtf 20110921
K7AntiVirus Riskware 20110921
Kaspersky Packed.Win32.Krap.ar 20110922
McAfee Generic PWS.y!ctc 20110922
McAfee-GW-Edition Generic PWS.y!ctc 20110921
NOD32 a variant of Win32/Kryptik.ETD 20110922
Norman W32/Crypt.AHZB 20110921
nProtect Gen:Variant.Koobface.1 20110922
Panda Trj/StartPage.DAW 20110921
PCTools HeurEngine.Protexor 20110922
Sophos AV Mal/EncPk-LW 20110922
Symantec Packed.Protexor!gen1 20110922
TheHacker Trojan/Krap.ar 20110921
TrendMicro TROJ_AHZB.A 20110922
TrendMicro-HouseCall TROJ_AHZB.A 20110922
VBA32 Malware-Cryptor.Win32.General.4 20110921
VIPRE Trojan-Dropper.Win32.XoredBinary.a (v) 20110922
VirusBuster Trojan.PWS.Beomok!57yaKLSgR8E 20110921
Antiy-AVL 20110922
ClamAV 20110922
DrWeb 20110922
eSafe 20110920
eTrust-Vet 20110921
Microsoft 20110922
Prevx 20110922
Rising 20110922
SUPERAntiSpyware 20110921
ViRobot 20110922
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright 2007 Nero AG and its licensors

Publisher Nero AG
Product Nero Home
Original name NMIndexStoreSvr.exe
Internal name NMIndexStoreSvr
File version 3.3.3.0
Description Nero Home
PE header basic information
Number of sections 4
PE sections
PE imports
RegSetValueExA
RegQueryValueExA
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA
RegCloseKey
WideCharToMultiByte
FreeEnvironmentStringsA
GetCPInfo
GetStringTypeW
CreateThread
UnhandledExceptionFilter
GetStringTypeA
TerminateProcess
GetACP
GetCurrentProcess
HeapReAlloc
CloseHandle
LoadLibraryA
HeapAlloc
HeapFree
GetModuleFileNameA
GetModuleHandleA
HeapSize
GetVersionExA
GetFileType
VirtualAlloc
WriteFile
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetHandleCount
HeapCreate
IsBadWritePtr
LCMapStringW
RtlUnwind
WaitForSingleObject
GetEnvironmentVariableA
HeapDestroy
GetStartupInfoA
ExitProcess
VirtualFree
GetStdHandle
GetVersion
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetCommandLineA
VariantClear
VariantCopyInd
SysAllocStringLen
SysStringLen
VariantChangeTypeEx
PeekMessageA
MessageBoxA
MsgWaitForMultipleObjects
LoadStringA
ReadPrinter
File identification
MD5 19866be13773117f0a5a8165e487dacb
SHA1 9240e9cdce915813efa2e249d08de6dcbd9ceefa
SHA256 8a43dbcab2f67f82e1963b860c76026620e7cf465851fdce07eca7c40b78cbf9
ssdeep
768:BIZupLbFUTKWTkV58BMzCxCnumi/PWa2jPaWzDHJus:GZupLmGTVJBm/ujbaijJH

File size 39.0 KB ( 39936 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
VirusTotal metadata
First submission 2010-04-28 18:20:02 UTC ( 7 years, 9 months ago )
Last submission 2011-09-22 07:29:04 UTC ( 6 years, 5 months ago )
File names 8wWO4.js
aa
sample_19866be13773117f0a5a8165e487dacb