SHA256: 932eb4156f7d0ae071ca723e8691e8f26d37fd36db7d198aa62ac3d9a60f1422
File name: 5CED2E9AB7343C99F197DB3083DC9526
Detection ratio: 36 / 44
Analysis date: 2011-08-26 23:32:04 UTC ( 7 years, 7 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Hupigon.375296.BW 20110826
AntiVir DR/Delphi.Gen 20110826
Avast Win32:Flot-E [Trj] 20110826
Avast5 Win32:Flot-E [Trj] 20110826
AVG Dropper.Generic.BZLS 20110826
BitDefender Trojan.Generic.3315121 20110827
ByteHero Trojan.Win32.Heur.Gen 20110822
CAT-QuickHeal Backdoor.Hupigon.kmvn 20110826
Commtouch W32/MalwareF.SZA 20110826
Comodo Heur.Suspicious 20110826
DrWeb Trojan.MulDrop1.7994 20110827
Emsisoft Virus.Win32.Dracur!IK 20110827
F-Prot W32/MalwareF.SZA 20110826
F-Secure Trojan.Generic.3315121 20110827
Fortinet W32/Injector.fam!tr 20110826
GData Trojan.Generic.3315121 20110827
Ikarus Virus.Win32.Dracur 20110826
Jiangmin Backdoor/Hupigon.bcgt 20110826
K7AntiVirus Riskware 20110826
Kaspersky Backdoor.Win32.Hupigon.kmvn 20110826
McAfee BackDoor-AWQ.b!efb 20110827
McAfee-GW-Edition BackDoor-AWQ.b!efb 20110826
Microsoft Trojan:Win32/Malat 20110826
NOD32 a variant of Win32/Injector.BCA 20110827
Norman W32/Obfuscated.J 20110826
Panda Trj/CI.A 20110826
PCTools Backdoor.Poison 20110827
Prevx High Risk Cloaked Malware 20110827
Sophos AV Troj/Agent-MSM 20110827
Symantec Trojan.Adclicker 20110827
TrendMicro TROJ_GEN.USEGJ20 20110825
TrendMicro-HouseCall TROJ_GEN.USEGJ20 20110827
VBA32 Trojan.Win32.SB.0210 20110826
VIPRE Trojan.Adclicker 20110827
ViRobot Backdoor.Win32.S.Hupigon.375296.H 20110826
VirusBuster Trojan.Injector!2liGD06zFpo 20110826
Antiy-AVL 20110826
ClamAV 20110826
eSafe 20110825
eTrust-Vet 20110826
nProtect 20110826
Rising 20110826
SUPERAntiSpyware 20110827
TheHacker 20110826
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 9
PE sections
PE imports
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
MultiByteToWideChar
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrlenW
TerminateProcess
Sleep
SetLastError
SetFilePointer
SetFileAttributesA
ReadFile
LoadLibraryExA
LoadLibraryA
GetLastError
GetCurrentProcessId
FreeLibrary
DeleteFileA
CreateFileA
CloseHandle
SysFreeString
SysAllocStringLen
SHGetSpecialFolderLocation
SHGetPathFromIDListA
GetKeyboardType
MessageBoxA
CharNextA
LoadCursorA
FindWindowA
CharLowerA
File identification
MD5 5ced2e9ab7343c99f197db3083dc9526
SHA1 3136528d0d25a3859e071699287c2f4e89372e30
SHA256 932eb4156f7d0ae071ca723e8691e8f26d37fd36db7d198aa62ac3d9a60f1422
ssdeep
6144:tGXt5Y43jwz70xKHbOGs/kwu72J4rEAgDFis2amcksl5ozzEdV5dV6a:t8t5Y4i70xKH7SJ4rEA8is2a5j3moz57

File size 366.5 KB ( 375296 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
VirusTotal metadata
First submission 2010-02-27 03:22:26 UTC ( 9 years ago )
Last submission 2011-08-26 23:32:04 UTC ( 7 years, 7 months ago )
File names 5CED2E9AB7343C99F197DB3083DC9526
97Bl.sys
tu2OpPR.ps1