SHA256: 99316da6f3bf2c5840c6e2ce0eeef160462d48a5fcbeb573cff0ed7e4fd2365b
File name: CBCBEEC255DECCE621524A644D3A534E
Detection ratio: 37 / 43
Analysis date: 2011-07-16 19:04:42 UTC ( 7 years, 9 months ago )
Antivirus Result Update
AhnLab-V3 Spyware/Win32.Zbot 20110716
AntiVir TR/Crypt.XPACK.Gen2 20110715
Avast Win32:Zbot-MQR [Trj] 20110716
Avast5 Win32:Zbot-MQR [Trj] 20110716
AVG PSW.Generic7.BIZT 20110716
BitDefender Trojan.Generic.3181280 20110716
CAT-QuickHeal TrojanSpy.Zbot.aecz 20110716
ClamAV Trojan.Zbot-8696 20110716
Commtouch W32/MalwareF.AGLX 20110716
Comodo TrojWare.Win32.TrojanSpy.Zbot.Gen 20110716
DrWeb Trojan.PWS.Panda.122 20110716
Emsisoft Trojan-Spy.Win32.Zbot!IK 20110716
eSafe Win32.PWSZbot 20110714
eTrust-Vet Win32/Zbot.AJZ 20110715
F-Prot W32/MalwareF.AGLX 20110715
F-Secure Trojan.Generic.3181280 20110716
GData Trojan.Generic.3181280 20110716
Ikarus Trojan-Spy.Win32.Zbot 20110716
Jiangmin TrojanSpy.Zbot.auy 20110714
K7AntiVirus Riskware 20110715
Kaspersky Trojan-Spy.Win32.Zbot.aecz 20110716
McAfee Generic PWS.y!byc 20110716
McAfee-GW-Edition Generic PWS.y!byc 20110716
Microsoft PWS:Win32/Zbot.gen!W 20110716
NOD32 Win32/Spy.Zbot.UN 20110716
Norman W32/Zbot.PAH 20110716
nProtect Gen:Variant.Zbot.8 20110716
Panda Trj/Sinowal.DW 20110716
PCTools Trojan.Generic 20110713
Rising Trojan.Win32.Generic.11E5362C 20110715
Sophos AV Mal/EncPk-OJ 20110716
Symantec Trojan Horse 20110716
TheHacker Trojan/Spy.Zbot.aecz 20110716
VBA32 SScope.Trojan.Bofa 20110715
VIPRE Trojan.Win32.Generic!BT 20110716
ViRobot Spyware.Zbot.104960.K 20110716
VirusBuster TrojanSpy.Zbot!Yhdt/rK4z+8 20110715
Antiy-AVL 20110715
Fortinet 20110716
Prevx 20110716
SUPERAntiSpyware 20110716
TrendMicro 20110716
TrendMicro-HouseCall 20110716
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 5
PE sections
PE imports
AnimatePalette
DeleteObject
EndDoc
FrameRgn
GetDeviceCaps
MoveToEx
PolylineTo
SetBkMode
SetTextColor
StartDocA
AllocConsole
BackupSeek
CancelIo
CopyFileA
CreateEventA
CreateFileA
DeleteFileA
FoldStringA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetThreadTimes
GetTickCount
GetVolumeInformationA
HeapFree
IsBadStringPtrA
LocalAlloc
MoveFileA
OpenFile
Sleep
TlsFree
VirtualAlloc
lstrcatA
lstrcpynA
ClipCursor
CreateIcon
DdeNameService
EqualRect
FillRect
FindWindowExA
GetKeyboardLayout
GetTopWindow
InvalidateRect
IsWindow
IsZoomed
LoadCursorA
PostQuitMessage
ShowCaret
TrackMouseEvent
File identification
MD5 cbcbeec255decce621524a644d3a534e
SHA1 fb6ac5ef7a79b4482d969c14d3e2aa20d1ab7d0c
SHA256 99316da6f3bf2c5840c6e2ce0eeef160462d48a5fcbeb573cff0ed7e4fd2365b
ssdeep 3072:tOtb3nK6ilEZ6AJ7HLEbkLJRAXR3iQURdL:tOh3K6ilJsLEbkLJRAXgQgd

File size 102.5 KB ( 104960 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (58.2%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.6%)
DOS Executable Generic (13.6%)
VXD Driver (0.2%)
VirusTotal metadata
First submission 2010-02-13 05:46:02 UTC ( 9 years, 2 months ago )
Last submission 2011-07-16 19:04:42 UTC ( 7 years, 9 months ago )
File names ygqhcHCw.tmp
CBCBEEC255DECCE621524A644D3A534E
5k2KxAbIdo.xltm
aa