× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 91236893ae5b8125e69a9ee3037e14d668952b510c174eb1763a5368cd3f6605
File name: aa
Detection ratio: 35 / 41
Analysis date: 2010-06-11 14:10:57 UTC ( 8 years, 7 months ago )
Antivirus Result Update
a-squared Trojan.Win32.Koblu!IK 20100611
AhnLab-V3 Trojan/Win32.Koblu 20100611
AntiVir TR/Koblu.dfd 20100611
Antiy-AVL Trojan/Win32.Koblu.gen 20100611
Avast Win32:Malware-gen 20100611
Avast5 Win32:Malware-gen 20100611
AVG Generic17.BVXW 20100611
BitDefender Trojan.Generic.KD.10687 20100611
CAT-QuickHeal Trojan.Koblu.dfd 20100611
Comodo TrojWare.Win32.Koblu.D 20100611
DrWeb Trojan.DownLoad1.57249 20100611
eSafe Win32.Refpron.Q 20100610
F-Secure Trojan.Generic.KD.10687 20100611
Fortinet W32/REFPRON.E!tr 20100611
GData Trojan.Generic.KD.10687 20100611
Ikarus Trojan.Win32.Koblu 20100611
Jiangmin Trojan/Koblu.vu 20100611
Kaspersky Trojan.Win32.Koblu.dfd 20100611
McAfee Refpron.gen.q 20100611
McAfee-GW-Edition Refpron.gen.q 20100611
NOD32 Win32/Refpron.II 20100611
Norman W32/Refpron.CNZ 20100611
nProtect Trojan/W32.Agent.33792.JF 20100611
Panda Generic Trojan 20100610
PCTools Trojan.Generic 20100611
Prevx Medium Risk Malware 20100611
Rising Trojan.Win32.Generic.5202FF7D 20100611
Sophos AV Mal/Refpron-E 20100611
Sunbelt Trojan.Win32.Generic!BT 20100611
Symantec Trojan Horse 20100611
TrendMicro TROJ_KOBLU.AE 20100611
TrendMicro-HouseCall TROJ_KOBLU.AE 20100611
VBA32 Trojan.Win32.Koblu.deg 20100611
ViRobot Trojan.Win32.Koblu.33792 20100611
VirusBuster Trojan.Koblu.COM 20100611
Authentium 20100611
ClamAV 20100611
eTrust-Vet 20100611
F-Prot 20100611
Microsoft 20100611
TheHacker 20100611
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Publisher ifdef sys
Product ensure app
File version 7. 4. 7. 2
Description no say word
PE header basic information
Number of sections 8
PE sections
PE imports
GetCurrentThreadId
MultiByteToWideChar
ExitProcess
UnhandledExceptionFilter
RtlUnwind
RaiseException
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
LoadLibraryW
GetProcAddress
SysFreeString
SysAllocStringLen
File identification
MD5 64161dba0920f82cec5fde5dccfb00da
SHA1 575d0970fc1b85d590c522877ef3fb26d709a673
SHA256 91236893ae5b8125e69a9ee3037e14d668952b510c174eb1763a5368cd3f6605
ssdeep
768:waRE0VlipCWVeCZ4RxVTrkbP3u026v6rc+Jxaa9H:waRVMpCTM4RPnkbP+02fH

File size 33.0 KB ( 33792 bytes )
File type unknown
Magic literal

TrID Win32 Executable Borland Delphi 6 (92.2%)
Win32 Executable Generic (2.9%)
Win32 Dynamic Link Library (generic) (2.6%)
Win16/32 Executable Delphi generic (0.7%)
Generic Win/DOS Executable (0.7%)
VirusTotal metadata
First submission 2010-05-07 09:57:57 UTC ( 8 years, 8 months ago )
Last submission 2010-06-11 14:10:57 UTC ( 8 years, 7 months ago )
File names RkFwoZ0Kks.gz
aN9s96wJ61.tif
aa
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!