SHA256: 902b74e4c6a70f73d7dc0b8c0a2ce80d6004b58a394d1a4268f91694a0e0a19b
Detection ratio: 20 / 42
Analysis date: 2010-11-23 15:02:02 UTC ( 6 years, 12 months ago )
| Antivirus | Result | Update |
|---|---|---|
| AntiVir | TR/Drop.AQE.344355 | 20101123 |
| Avast | Win32:Malware-gen | 20101123 |
| Avast5 | Win32:Malware-gen | 20101123 |
| AVG | Dropper.Generic_c.JCP | 20101123 |
| Command | W32/Trojan2.NFFQ | 20101123 |
| Comodo | TrojWare.Win32.Ybk.k2 | 20101123 |
| eSafe | Win32.TRDrop.Aqe | 20101123 |
| F-Prot | W32/Trojan2.NFFQ | 20101123 |
| GData | Win32:Malware-gen | 20101123 |
| Ikarus | Trojan-Dropper.AQE | 20101123 |
| K7AntiVirus | Trojan | 20101123 |
| McAfee | Artemis!3475CB08EDF0 | 20101123 |
| McAfee-GW-Edition | Artemis!3475CB08EDF0 | 20101123 |
| Norman | W32/Delf.C!genr | 20101122 |
| Panda | Suspicious file | 20101123 |
| PCTools | Trojan.ADH | 20101123 |
| Prevx | High Risk Cloaked Malware | 20101123 |
| SUPERAntiSpyware | Trojan.Agent/Gen-Partner[MSN-Fake] | 20101123 |
| Symantec | Trojan.ADH | 20101123 |
| VIPRE | Trojan.Win32.Generic!BT | 20101123 |
| AhnLab-V3 | | 20101123 |
| Antiy-AVL | | 20101123 |
| BitDefender | | 20101123 |
| CAT-QuickHeal | | 20101109 |
| ClamAV | | 20101123 |
| DrWeb | | 20101123 |
| eTrust-Vet | | 20101123 |
| F-Secure | | 20101122 |
| Fortinet | | 20101123 |
| Jiangmin | | 20101120 |
| Kaspersky | | 20101123 |
| Microsoft | | 20101123 |
| NOD32 | | 20101123 |
| nProtect | | 20101123 |
| Rising | | 20101123 |
| Sophos AV | | 20101123 |
| TheHacker | | 20101123 |
| TrendMicro | | 20101123 |
| TrendMicro-HouseCall | | 20101123 |
| VBA32 | | 20101123 |
| ViRobot | | 20101123 |
| VirusBuster | | 20101123 |
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW
(1 more function(s) imported by ordinal)
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
DeleteObject
CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetSystemTime
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA
File identification
MD5 3475cb08edf0626fe6dd29b9686d4196
SHA1 b53f313a609c87a9de7b564bb1014be5f48adbd4
SHA256 902b74e4c6a70f73d7dc0b8c0a2ce80d6004b58a394d1a4268f91694a0e0a19b
ssdeep
49152:bIn7vwvyHniqTyS50QLfGaWRo/SI2jCKDfGPF8Ccagzf/qkbVGxkq3BeL2B0mPiE:K3NTyI9GaWU2FG98z3DbVEke/B02O60e

File size 3.3 MB ( 3449182 bytes )
File type unknown
Magic literal

TrID WinRAR Self Extracting archive (95.7%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Win32 Executable Watcom C++ (generic) (0.4%)
Generic Win/DOS Executable (0.3%)
VirusTotal metadata
First submission 2010-05-07 09:24:50 UTC ( 7 years, 6 months ago )
Last submission 2010-11-23 15:02:02 UTC ( 6 years, 12 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight