× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8e620d3514c3aab4ffdfb007ccad83ee866e14c97537b5d909ad9a075b185cf1
Detection ratio: 21 / 41
Analysis date: 2010-02-22 20:36:58 UTC ( 9 years, 1 month ago )
Antivirus Result Update
a-squared Trojan-Downloader.Win32.Mebroot!IK 20100222
AntiVir Worm/Zhelatin.asn 20100222
Avast Win32:Prontexer-F 20100222
AVG Downloader.Mebload.B 20100222
BitDefender Worm.Generic.227552 20100222
CAT-QuickHeal I-Worm.Zhelatin.asn 20100222
ClamAV Worm.Zhelatin-39 20100222
Comodo Heur.Packed.Unknown 20100222
F-Secure Worm.Generic.227552 20100222
Fortinet W32/Tibs.ASN@mm 20100221
GData Worm.Generic.227552 20100222
Ikarus Trojan-Downloader.Win32.Mebroot 20100222
Kaspersky Email-Worm.Win32.Zhelatin.asn 20100222
McAfee+Artemis Artemis!3DA5CE8F986A 20100222
McAfee-GW-Edition Worm.Zhelatin.asn 20100222
NOD32 a variant of Win32/TrojanDownloader.Mebload.W 20100222
Panda Trj/CI.A 20100222
Prevx Medium Risk Malware 20100222
Symantec Suspicious.Insight 20100222
TheHacker W32/Zhelatin.asn 20100222
VBA32 Malware-Cryptor.Win32.Kefir 20100222
AhnLab-V3 20100222
Antiy-AVL 20100222
Authentium 20100222
DrWeb 20100222
eSafe 20100222
eTrust-Vet 20100222
F-Prot 20100222
Jiangmin 20100222
K7AntiVirus 20100222
McAfee 20100222
Microsoft 20100222
Norman 20100222
nProtect 20100222
PCTools 20100222
Rising 20100211
Sophos AV 20100222
Sunbelt 20100222
TrendMicro 20100222
ViRobot 20100222
VirusBuster 20100222
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Copyright
Copyright (C) 2008

Product version Application
Original name ver.exe
Internal name version
File version 1, 0, 0, 1
Description version Application
PE header basic information
Number of sections 6
PE sections
PE imports
GetUserNameW
GetUserNameA
RegLoadKeyA
SetCurrentDirectoryA
lstrcmpW
Beep
CloseHandle
CompareStringA
OpenEventA
CreateFileMappingA
CreateNamedPipeA
DeleteAtom
DeleteFileA
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
GetConsoleMode
GetExitCodeProcess
GetExitCodeThread
GetMailslotInfo
GetModuleFileNameA
GetNamedPipeInfo
GetProcessHeap
GetCurrentProcessId
GetStdHandle
GetCurrentThreadId
GetThreadLocale
GlobalAlloc
IsSystemResumeAutomatic
IsValidCodePage
IsValidLocale
ReleaseMutex
ReleaseSemaphore
ResetEvent
SetFilePointer
GetFileAttributesW
GetComputerNameA
GetBinaryTypeA
GetFileType
CancelIo
BackupSeek
BackupRead
lstrlenW
FlushViewOfFile
GetDriveTypeW
GetCurrentDirectoryA
GetSystemDirectoryW
GetSystemDirectoryA
GetCurrentDirectoryW
GetFileAttributesA
GetStartupInfoA
free
toupper
malloc
OleRun
SHDeleteKeyA
SHEnumKeyExW
SHCopyKeyA
SHCopyKeyW
SHDeleteEmptyKeyA
HashData
ReleaseDC
GetFileVersionInfoA
GetFileVersionInfoSizeA
CloseDriver
timeGetDevCaps
SendDriverMessage
File identification
MD5 3da5ce8f986a84c677c3432a45cfddba
SHA1 88655b5e6fea378ae7e96d0b3b2fd16457713068
SHA256 8e620d3514c3aab4ffdfb007ccad83ee866e14c97537b5d909ad9a075b185cf1
ssdeep
768:lL/I5F38iWOPyAMom/RFTh/H9D3x38qf1zI5PSZN7bMnzI:hI5e5Thh3x3bf1j5bqzI

File size 46.0 KB ( 47104 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
VirusTotal metadata
First submission 2010-02-14 07:51:19 UTC ( 9 years, 2 months ago )
Last submission 2010-02-22 20:36:58 UTC ( 9 years, 1 month ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!