× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9a8a0e90a9ab820ffadeb15c788beed2f791a739dd44edcb9685bf3884dffd54
File name: Install.exe
Detection ratio: 21 / 41
Analysis date: 2009-10-19 17:20:39 UTC ( 4 years, 8 months ago ) View latest
Antivirus Result Update
AVG Generic15.BSJ 20091019
AntiVir TR/Agent.AH.50 20091019
Antiy-AVL Packed/Win32.Krap.gen 20091019
BitDefender Trojan.Generic.2560586 20091019
CAT-QuickHeal (Suspicious) - DNAScan 20091018
GData Trojan.Generic.2560586 20091019
Ikarus Packed.Win32.Krap 20091019
Kaspersky Packed.Win32.Krap.ah 20091019
McAfee FakeAlert-XPSecCenter 20091018
McAfee+Artemis FakeAlert-XPSecCenter 20091018
McAfee-GW-Edition Trojan.Agent.AH.50 20091019
Microsoft TrojanDownloader:Win32/FakeRean 20091019
NOD32 Win32/Adware.XPAntiSpyware.AA 20091019
Panda Trj/CI.A 20091018
Prevx Medium Risk Malware 20091019
Sophos Mal/Generic-A 20091019
Symantec Trojan.FakeAV 20091019
TrendMicro TROJ_FAKEAV.BLV 20091019
a-squared Packed.Win32.Krap!IK 20091019
eSafe Suspicious File 20091019
eTrust-Vet Win32/XPSecCenter!generic 20091019
AhnLab-V3 20091019
Authentium 20091019
Avast 20091018
ClamAV 20091019
Comodo 20091019
DrWeb 20091019
F-Prot 20091018
F-Secure 20091016
Fortinet 20091019
Jiangmin 20091019
K7AntiVirus 20091019
Norman 20091019
PCTools 20091019
Rising 20091019
Sunbelt 20091018
TheHacker 20091019
VBA32 20091018
ViRobot 20091019
VirusBuster 20091019
nProtect 20091019
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 5
PE sections
PE imports
FreeSid
RegQueryInfoKeyW
RegCreateKeyExW
SetTextAlign
MoveToEx
HeapFree
MapViewOfFile
GetCommandLineW
GetTickCount
RaiseException
GetCommandLineA
GetStartupInfoA
LCMapStringA
LoadLibraryA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapAlloc
LocalFree
CreateThread
FlushInstructionCache
GetCurrentProcessId
VirtualAlloc
GetCurrentThreadId
SetConsoleCP
TlsGetValue
lstrcpyA
SetStdHandle
TlsSetValue
ExitProcess
GetModuleHandleA
VirtualProtect
HeapReAlloc
GetOEMCP
fclose
memmove
_purecall
__dllonexit
_initterm
StringFromGUID2
RpcStringFreeW
GetMessageA
PeekMessageW
ValidateRect
DrawEdge
SetPropW
ReleaseCapture
DrawTextW
SystemParametersInfoW
GetClassNameW
File identification
MD5 14894e2ee70938a3d2c6fbd13d3b5411
SHA1 70c035fcb2e9ec95be8e876e897e0ffd988f9287
SHA256 9a8a0e90a9ab820ffadeb15c788beed2f791a739dd44edcb9685bf3884dffd54
ssdeep
3072:6YVi8iP91OHScGU7zzu5ylUeZoia+Nm9yPFAunrzJ7:3VI9oHSVUfzu5FePhFAunrB

File size 156.1 KB ( 159856 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2009-10-19 11:39:16 UTC ( 4 years, 8 months ago )
Last submission 2010-01-20 12:16:16 UTC ( 4 years, 5 months ago )
File names
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!