SHA256: 90d6165c3f067a5b065f2aecf02ad80c59a3fb6b4c16a7e6056cffcc10380878
File name: 7F0C26FAB59758ECAA83EDC61A2F423D
Detection ratio: 41 / 52
Analysis date: 2014-05-02 13:38:41 UTC ( 4 years, 8 months ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.3025594 20140502
Yandex Trojan.Agent!TrA9tmNR538 20140501
AntiVir TR/Crypt.XPACK.Gen 20140502
Avast Win32:Trojan-gen 20140502
AVG Generic13.ALRX 20140502
Baidu-International Trojan.Win32.Krap.aWzt 20140502
BitDefender Trojan.Generic.3025594 20140502
Bkav W32.Clod7e7.Trojan.bfda 20140428
ClamAV Trojan.Agent-145037 20140502
CMC Packed.Win32.Katusha.1!O 20140429
Commtouch W32/FakeAlert.FB.gen!Eldorado 20140502
Comodo TrojWare.Win32.PkdKrap.Gen 20140502
DrWeb Trojan.MulDrop.63374 20140502
Emsisoft Trojan.Generic.3025594 (B) 20140502
ESET-NOD32 Win32/Small.NFT 20140502
F-Prot W32/FakeAlert.FB.gen!Eldorado 20140502
F-Secure Trojan.Generic.3025594 20140502
Fortinet W32/Krapt.AN!tr 20140502
GData Trojan.Generic.3025594 20140502
Ikarus Packed.Win32.Krap 20140502
Jiangmin Packed.Krap.blfu 20140502
K7GW Trojan ( 00132c5b1 ) 20140501
Kaspersky Packed.Win32.Krap.an 20140502
Kingsoft Win32.Troj.Generic.(kcloud) 20140502
McAfee Generic.dx!7F0C26FAB597 20140502
McAfee-GW-Edition Generic.dx!7F0C26FAB597 20140501
Microsoft Trojan:Win32/Lodap!rts 20140502
eScan Trojan.Generic.3025594 20140502
Norman Krap.NN 20140502
nProtect Trojan/W32.Krap.15360.AQ 20140502
Panda Adware/SecurityProtection 20140502
Qihoo-360 HEUR/Malware.QVM40.Gen 20140502
Sophos AV Mal/FakeAV-BW 20140502
Symantec Trojan Horse 20140502
TheHacker Trojan/Krap.an 20140501
TrendMicro TROJ_FAKEAL.SMDP 20140502
TrendMicro-HouseCall TROJ_GEN.F47V0502 20140502
VBA32 SScope.Malware-Cryptor.MTA 20140502
VIPRE VirTool.Win32.Obfuscator.hg!b1 (v) 20140502
ViRobot Trojan.Win32.Krap.15360.K 20140502
Zillya Trojan.Small.Win32.6646 20140501
AegisLab 20140502
AhnLab-V3 20140502
Antiy-AVL 20140502
ByteHero 20140502
CAT-QuickHeal 20140502
K7AntiVirus 20140501
Malwarebytes 20140502
NANO-Antivirus 20140502
Rising 20140502
SUPERAntiSpyware 20140502
TotalDefense 20140502
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2007-06-19 00:01:53
Entry Point 0x00001470
Number of sections 5
PE sections
PE imports
GetLastError
GetDriveTypeW
lstrcmpiA
WaitForSingleObject
FreeLibrary
ExitProcess
GetModuleHandleW
GetCurrentProcess
FileTimeToLocalFileTime
GetCurrentProcessId
GetCommandLineW
LoadLibraryExW
CreateFileMappingW
GetCPInfo
FindFirstFileW
HeapReAlloc
GetCurrentThreadId
GetExitCodeProcess
OpenEventW
Sleep
IsBadReadPtr
GetTickCount
GetVersion
VirtualAlloc
__p__fmode
_wcsupr
tolower
_unlock
_wcsnicmp
__p__commode
fclose
_stricmp
atoi
_fileno
__setusermatherr
__set_app_type
CoInitialize
CoTaskMemAlloc
CoImpersonateClient
ReleaseStgMedium
CoCreateGuid
OleLoadFromStream
CoFreeUnusedLibraries
PropVariantClear
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
StgIsStorageFile
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
TimeStamp 2007:06:19 01:01:53+01:00
FileType Win32 DLL
PEType PE32
CodeSize 5120
LinkerVersion 12.8
FileAccessDate 2014:05:02 14:40:09+01:00
EntryPoint 0x1470
InitializedDataSize 19456
SubsystemVersion 4.0
ImageVersion 5.1
OSVersion 5.1
FileCreateDate 2014:05:02 14:40:09+01:00
UninitializedDataSize 0

File identification
MD5 7f0c26fab59758ecaa83edc61a2f423d
SHA1 f3415e26d571921160cf2537af00381a9c23b617
SHA256 90d6165c3f067a5b065f2aecf02ad80c59a3fb6b4c16a7e6056cffcc10380878
ssdeep 192:+t67zGy6eXfkIljs3Z6Af96xWyN8sDvJ6pdpETBgZkJqDMF6Ku8GR:Y67kAfkIl/AfYTS44ETBgKF6ks

imphash f3edfca895c6c6ce136ce03fd7f00e3f
File size 15.0 KB ( 15360 bytes )
File type Win32 DLL
Magic literal PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win32 Dynamic Link Library (generic) (43.4%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
VXD Driver (0.2%)
Tags pedll

VirusTotal metadata
First submission 2010-02-03 08:03:16 UTC ( 8 years, 11 months ago )
Last submission 2011-08-15 02:07:27 UTC ( 7 years, 5 months ago )
File names 7F0C26FAB59758ECAA83EDC61A2F423D
aa
4MvQ.ps1