× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8cfb4d63c65b89cda77b6d6bda0d8cd578d3f90af5b0f0b364d506786a53278e
File name: adaa9a8cc6e5680deac4f737c76b3df8
Detection ratio: 47 / 53
Analysis date: 2014-05-31 19:29:40 UTC ( 4 years, 9 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.5911076 20140531
Yandex Worm.SdBot!RGSwq8AUJeM 20140531
AhnLab-V3 Worm/Win32.VBNA 20140531
AntiVir TR/Dropper.Gen 20140531
Antiy-AVL Trojan/Win32.Kbot 20140530
Avast Win32:Inject-ATA [Trj] 20140531
AVG Injector.EKS 20140531
Baidu-International Trojan.Win32.Injector.aBV 20140531
BitDefender Trojan.Generic.5911076 20140531
Bkav W32.TempServLnrA.Trojan 20140530
CAT-QuickHeal Trojan.Jorik.r3 20140531
CMC Trojan.Win32.Jorik.Kbot!O 20140530
Commtouch W32/Trojan.OHXN-8590 20140531
Comodo Heur.Suspicious 20140531
DrWeb BackDoor.IRC.Sdbot.15762 20140531
Emsisoft Trojan.Generic.5911076 (B) 20140531
ESET-NOD32 a variant of Win32/Injector.GGD 20140531
F-Secure Trojan.Generic.5911076 20140531
Fortinet W32/Refroso.ATR!tr 20140531
GData Trojan.Generic.5911076 20140531
Ikarus Virus.Worm.SuspectCRC 20140531
Jiangmin Trojan/Jorik.lvst 20140531
K7AntiVirus Trojan ( 002667751 ) 20140530
K7GW Trojan ( 002667751 ) 20140530
Kaspersky Worm.Win32.VBNA.b 20140531
Kingsoft Worm.VBNA.b.(kcloud) 20140531
Malwarebytes Trojan.Backdoor 20140531
McAfee W32/Sdbot.worm!kd 20140531
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious-BAY.K 20140531
Microsoft VirTool:Win32/VBInject.RT 20140531
eScan Trojan.Generic.5911076 20140531
NANO-Antivirus Trojan.Win32.Jorik.covkpi 20140531
Norman Suspicious_Gen2.dam 20140531
nProtect Trojan/W32.Agent.77824.ATM 20140530
Panda Generic Malware 20140531
Qihoo-360 Win32/Trojan.24f 20140531
Rising PE:Trojan.Win32.Generic.128D2BB4!311241652 20140531
Sophos AV Mal/VBCheMan-C 20140531
Symantec W32.IRCBot 20140531
Tencent Win32.Worm.Vbna.Lqfa 20140531
TheHacker Trojan/CI.gen 20140531
TrendMicro TROJ_GEN.F43EZH3 20140531
TrendMicro-HouseCall TROJ_GEN.F43EZH3 20140531
VBA32 SScope.Trojan.VBRA.599 20140530
VIPRE Trojan.Win32.Generic.pak!cobra 20140531
ViRobot Backdoor.Win32.S.IRCBot.77824.K 20140531
Zillya Backdoor.SdBot.Win32.10456 20140531
AegisLab 20140531
ByteHero 20140531
ClamAV 20140530
F-Prot 20140531
SUPERAntiSpyware 20140531
TotalDefense 20140531
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Product Project1
Original name Project1.dll
Internal name Project1
File version 1.00
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-12-22 00:27:25
Entry Point 0x000012D8
Number of sections 3
PE sections
Number of PE resources by type
RT_ICON 3
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 4
SPANISH MODERN 1
PE resources
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2010:12:22 01:27:25+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
24576

LinkerVersion
6.0

FileAccessDate
2014:05:31 20:30:13+01:00

EntryPoint
0x12d8

InitializedDataSize
8192

SubsystemVersion
4.0

ImageVersion
1.0

OSVersion
4.0

FileCreateDate
2014:05:31 20:30:13+01:00

UninitializedDataSize
0

File identification
MD5 adaa9a8cc6e5680deac4f737c76b3df8
SHA1 5c14d40d1736eff8c83da959cd451ae8d37fdc5f
SHA256 8cfb4d63c65b89cda77b6d6bda0d8cd578d3f90af5b0f0b364d506786a53278e
ssdeep
1536:BY06WcKM6gEpVzjXaLqtP0BjqOIIHVh573bLSck7xR:a0ha6gEpVHKDSeMT9R

File size 76.0 KB ( 77824 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
peexe

VirusTotal metadata
First submission 2011-05-10 16:24:10 UTC ( 7 years, 10 months ago )
Last submission 2014-05-31 19:29:40 UTC ( 4 years, 9 months ago )
File names file-2222376_exe
kitty5.exe-yniFDB
kitty5.exe
Project1.dll
0c57a80c598b663c5f93aab48e4c95be
_j0OLxe.docm
843711
[17859]kitty5.exe.#
adaa9a8cc6e5680deac4f737c76b3df8.exe
hIldspOtm.drv
Project1
adaa9a8cc6e5680deac4f737c76b3df8
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!