× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 9c891edb5da763398969b6aaa86a5d46971bd28a455b20c2067cb512c9f9a0f8
File name: 016169ebebf1cec2aad6c7f0d0ee9026
Detection ratio: 26 / 42
Analysis date: 2010-07-15 10:31:38 UTC ( 8 years, 6 months ago ) View latest
Antivirus Result Update
a-squared Trojan-Dropper.Win32.Stuxnet!IK 20100715
AntiVir TR/Drop.Stuxnet.A.5 20100714
Avast Win32:Malware-gen 20100714
Avast5 Win32:Malware-gen 20100715
AVG Dropper.Generic2.YQQ 20100715
BitDefender Trojan.Generic.4471566 20100715
DrWeb Trojan.Stuxnet.1 20100715
F-Secure Trojan.Generic.4471566 20100715
GData Trojan.Generic.4471566 20100715
Ikarus Trojan-Dropper.Win32.Stuxnet 20100715
Jiangmin TrojanDropper.Stuxnet.a 20100715
Kaspersky Trojan-Dropper.Win32.Stuxnet.a 20100715
McAfee Artemis!016169EBEBF1 20100715
McAfee-GW-Edition Artemis!016169EBEBF1 20100714
Microsoft TrojanDropper:Win32/Stuxnet.A 20100715
Norman W32/Stuxnet.C 20100714
nProtect Trojan.Generic.4471566 20100715
Panda Trj/CI.A 20100715
PCTools Trojan.Gen 20100715
Rising Trojan.Win32.Generic.521D1909 20100715
Sophos AV Troj/Stuxnet-A 20100715
Sunbelt Trojan.Win32.Generic!BT 20100715
Symantec Trojan.Gen 20100715
TrendMicro WORM_STUXNET.A 20100715
TrendMicro-HouseCall WORM_STUXNET.A 20100715
VBA32 Trojan-Spy.0485 20100714
AhnLab-V3 20100714
Antiy-AVL 20100715
Authentium 20100715
CAT-QuickHeal 20100715
ClamAV 20100715
Comodo 20100715
eSafe 20100714
eTrust-Vet 20100715
F-Prot 20100715
Fortinet 20100714
NOD32 20100715
Prevx 20100715
SUPERAntiSpyware 20100715
TheHacker 20100715
ViRobot 20100715
VirusBuster 20100714
The file being studied is a Portable Executable file! More specifically, it is a Win32 DLL file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-03-01 05:52:35
Entry Point 0x0000101B
Number of sections 5
PE sections
PE imports
GetCurrentProcess
lstrcpyW
lstrlenW
lstrcmpiA
GetVersionExW
FreeLibrary
ExitProcess
GetTickCount
VirtualProtect
GetCurrentThreadId
GetProcAddress
DeleteFileA
GetModuleHandleW
wsprintfW
PE exports
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

FileTypeExtension
dll

TimeStamp
2010:03:01 06:52:35+01:00

FileType
Win32 DLL

PEType
PE32

CodeSize
6144

LinkerVersion
9.0

ImageFileCharacteristics
Executable, 32-bit, Removable run from swap, Net run from swap, DLL

EntryPoint
0x101b

InitializedDataSize
506368

SubsystemVersion
5.0

ImageVersion
0.0

OSVersion
5.0

UninitializedDataSize
0

PE resource-wise parents
Compressed bundles
File identification
MD5 016169ebebf1cec2aad6c7f0d0ee9026
SHA1 0931fd4e05e6ea81c75f8488ecc1db9e66f22cbb
SHA256 9c891edb5da763398969b6aaa86a5d46971bd28a455b20c2067cb512c9f9a0f8
ssdeep
12288:K0kBuHsZfYLyB9SqoKumDXh1al+hte5+tAL7LwOJ50UWpGtJxK:/HnqoKpXLaUygKPwob

authentihash c833f86f8d2d531bde9ef89f344d08eecd6e146699e4b75df3a484ec196fdf1c
imphash 0021f47781268b6caaf314d0b686997c
File size 501.5 KB ( 513536 bytes )
File type Win32 DLL
Magic literal
PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (61.7%)
Win32 Dynamic Link Library (generic) (14.7%)
Win32 Executable (generic) (10.0%)
OS/2 Executable (generic) (4.5%)
Generic Win/DOS Executable (4.4%)
Tags
pedll

VirusTotal metadata
First submission 2010-07-08 12:16:17 UTC ( 8 years, 6 months ago )
Last submission 2018-12-09 16:05:21 UTC ( 1 month, 2 weeks ago )
File names file-2991704_exe
smona131531764320470894082
malware.exe
Worm.Win32.Stuxnet.m.exe
smona131181029473427760939
malware.exe-
localfile~
Stux
0931fd4e05e6ea81c75f8488ecc1db9e66f22cbb_~WTR4132.dl
016169ebebf1cec2aad6c7f0d0ee9026
system32.exe
smona132531363388768091692
Stuxnet.exe
stuxnet.data
malware.exe
Stuxnet_malware.exe
smona132064916134280075322
stuxnet_a_1.exe
016169EBEBF1CEC2AAD6C7F0D0EE9026
malware.exe
malware.exe
stuxnet.exe
malware_Exe
stuxnet.bin
016169EBEBF1CEC2AAD6C7F0D0EE9026.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!