× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 90af9dbeb7141c56370fbc5dc08f5f2d102ab413eafd4b2fef3a695964f54fd1
Detection ratio: 25 / 40
Analysis date: 2010-08-02 04:23:17 UTC ( 7 years, 5 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Refroso 20100731
AntiVir TR/Refroso.bmjh 20100801
Antiy-AVL Trojan/Win32.Refroso.gen 20100730
Avast Win32:Delf-NMU 20100802
Avast5 Win32:Delf-NMU 20100802
BitDefender Gen:Trojan.Heur.DP.eGW@aqbdrsbi 20100802
CAT-QuickHeal Win32.Trojan.Refroso.bmjh.8 20100731
Comodo Backdoor.Win32.Poison.~bnp 20100802
DrWeb Trojan.PWS.Qqrobber.799 20100802
Emsisoft Trojan.Win32.Refroso!IK 20100730
F-Secure Gen:Trojan.Heur.DP.eGW@aqbdrsbi 20100802
Fortinet W32/Injector.fam!tr 20100801
GData Gen:Trojan.Heur.DP.eGW@aqbdrsbi 20100802
Ikarus Trojan.Win32.Refroso 20100802
Jiangmin Backdoor/Poison.hjo 20100801
Kaspersky Trojan.Win32.Refroso.bmjh 20100802
NOD32 a variant of Win32/Injector.CFE 20100801
Norman W32/Suspicious_Gen2.dam 20100801
nProtect Trojan/W32.Refroso.66979 20100801
Panda Bck/Bifrost.gen 20100801
PCTools Trojan.Gen 20100802
Prevx Medium Risk Malware 20100802
Rising Trojan.Win32.DelfInject.dn 20100731
Symantec Trojan.Gen 20100802
VirusBuster Trojan.Refroso.IYM 20100801
Authentium 20100802
AVG 20100801
ClamAV 20100801
eSafe 20100801
eTrust-Vet 20100731
F-Prot 20100802
McAfee 20100802
Microsoft 20100801
Sophos AV 20100802
Sunbelt 20100802
SUPERAntiSpyware 20100801
TheHacker 20100730
TrendMicro 20100801
TrendMicro-HouseCall 20100802
ViRobot 20100801
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 8
PE sections
PE imports
GetCurrentThreadId
GetLastError
ExitProcess
WriteFile
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
GetCommandLineA
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
LoadLibraryA
GetProcAddress
GetCommandLineA
FreeLibrary
CharNextA
File identification
MD5 70928931ec675b91d438932c2421648c
SHA1 b213dbc52131d7f4794cf251f5008d8cbaa56dd3
SHA256 90af9dbeb7141c56370fbc5dc08f5f2d102ab413eafd4b2fef3a695964f54fd1
ssdeep
1536:qi/F2qUHu1Hmr09NZFyI0HFmvBsjPG7PaSUjK1UibD:qGF2q+0HmrgxjiFmJljUtY

File size 65.4 KB ( 66979 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
VirusTotal metadata
First submission 2010-08-02 04:23:17 UTC ( 7 years, 5 months ago )
Last submission 2010-08-02 04:23:17 UTC ( 7 years, 5 months ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!