× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9ab9f0c4ac9479e6a65c258f9152c032fa70c0f965d7c7425be4a91f2ca4bd2f
File name: F118FCB94D272EEA3827B761D2B2D60A
Detection ratio: 19 / 43
Analysis date: 2011-08-09 16:29:27 UTC ( 7 years, 6 months ago )
Antivirus Result Update
Avast Win32:SpyBot-GFX [Trj] 20110809
Avast5 Win32:SpyBot-GFX [Trj] 20110809
CAT-QuickHeal AdWare.Agent.nk (Not a Virus) 20110809
Emsisoft Backdoor.Win32.PcClient.eefn!A2 20110809
eSafe Win32.Artemis 20110809
eTrust-Vet Win32/Susp.BHOPlugin_i 20110809
GData Win32:SpyBot-GFX 20110809
K7AntiVirus Backdoor 20110802
Kaspersky Backdoor.Win32.PcClient.eefn 20110809
McAfee Generic BackDoor!ctt 20110809
McAfee-GW-Edition Generic BackDoor!ctt 20110809
Norman W32/Delf.C!genr 20110809
nProtect Backdoor/W32.PcClient.805406 20110809
PCTools Adware.ADH 20110809
SUPERAntiSpyware Trojan.Agent/Gen-Partner[MSN-Fake] 20110809
Symantec Adware.ADH 20110809
VBA32 Backdoor.PcClient.eefn 20110808
VIPRE Trojan.Win32.Generic!BT 20110809
ViRobot Backdoor.Win32.S.PcClient.805406 20110809
AhnLab-V3 20110809
AntiVir 20110809
Antiy-AVL 20110809
AVG 20110809
BitDefender 20110809
ClamAV 20110809
Commtouch 20110809
Comodo 20110809
DrWeb 20110809
F-Prot 20110809
F-Secure 20110809
Fortinet 20110809
Ikarus 20110809
Jiangmin 20110809
Microsoft 20110809
NOD32 20110809
Panda 20110809
Prevx 20110809
Rising 20110809
Sophos AV 20110809
TheHacker 20110807
TrendMicro 20110809
TrendMicro-HouseCall 20110809
VirusBuster 20110809
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW
1 more function(s) imported by ordinal)
CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
DeleteObject
CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA
File identification
MD5 f118fcb94d272eea3827b761d2b2d60a
SHA1 4f9333afd3d380306c26a55904311d8b5badf36d
SHA256 9ab9f0c4ac9479e6a65c258f9152c032fa70c0f965d7c7425be4a91f2ca4bd2f
ssdeep
12288:tV+mztnf88k58c3X6ZHgHpoaV9/1xAZQcdnn8aaVWY6uOfLWgSuFNXuBjs1o9N1:t8y8vF6qoaj/LWd8aaVWY68gSkMxs1M1

File size 786.5 KB ( 805406 bytes )
File type Win32 EXE
Magic literal

TrID WinRAR Self Extracting archive (95.7%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Win32 Executable Watcom C++ (generic) (0.4%)
Generic Win/DOS Executable (0.3%)
VirusTotal metadata
First submission 2010-07-21 21:06:30 UTC ( 8 years, 7 months ago )
Last submission 2011-08-09 16:29:27 UTC ( 7 years, 6 months ago )
File names F118FCB94D272EEA3827B761D2B2D60A
f118fcb94d272eea3827b761d2b2d60a
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!