SHA256: 9df88a0daa6005525e662fb92270b2334e190f02db5fcd184f49801ef8986064
File name: 8860B5FF0866CB2538B3564FE3B38F11
Detection ratio: 34 / 43
Analysis date: 2011-07-15 15:37:56 UTC ( 6 years, 11 months ago )
Antivirus Result Update
AhnLab-V3 Win32/Ircbot.worm.variant 20110715
AntiVir TR/Crypt.XPACK.Gen 20110715
Avast Win32:Oficla-S [Trj] 20110715
Avast5 Win32:Oficla-S [Trj] 20110715
AVG Cryptic.ACW 20110715
BitDefender Trojan.Dropper.Oficla.W 20110715
Commtouch W32/TrojanX.ERRR 20110715
Comodo TrojWare.Win32.Trojan.Agent.Gen 20110715
Emsisoft Trojan-Dropper.Oficla!IK 20110715
eTrust-Vet Win32/Oficla.IQ 20110715
F-Prot W32/TrojanX.ERRR 20110714
F-Secure Trojan.Dropper.Oficla.W 20110715
Fortinet W32/Zbot.AKKD!tr 20110715
GData Trojan.Dropper.Oficla.W 20110715
Ikarus Trojan-Dropper.Oficla 20110715
Jiangmin TrojanDownloader.Agent.covi 20110714
K7AntiVirus Spyware 20110714
Kaspersky Trojan-Spy.Win32.Zbot.akkd 20110715
McAfee Bredolab.gen.t 20110715
McAfee-GW-Edition Bredolab.gen.t 20110715
Microsoft PWS:Win32/Zbot.gen!Y 20110715
NOD32 a variant of Win32/Kryptik.FAU 20110715
Norman W32/Suspicious_Gen2.dam 20110715
nProtect Trojan.Dropper.Oficla.W 20110715
Panda Trj/Sinowal.WXO 20110715
PCTools Trojan.Dropper 20110713
Sophos AV Mal/EncPk-QI 20110715
Symantec Trojan.Dropper 20110715
TheHacker W32/Behav-Heuristic-CorruptFile-EP 20110715
TrendMicro TROJ_DLOADR.SMJU 20110715
TrendMicro-HouseCall TROJ_DLOADR.SMJU 20110715
VIPRE Trojan-Downloader.Win32.Reipym.b (v) 20110715
ViRobot Trojan.Win32.S.Zbot.179712.A 20110715
VirusBuster TrojanSpy.Zbot!oD6IdFTVECk 20110714
Antiy-AVL 20110715
CAT-QuickHeal 20110715
ClamAV 20110714
DrWeb 20110715
eSafe 20110714
Prevx 20110715
Rising 20110715
SUPERAntiSpyware 20110715
VBA32 20110715
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 3
PE sections
PE imports
RegOpenKeyExA
IsTextUnicode
RegCreateKeyExA
RegCloseKey
GetUserNameA
RegQueryValueExA
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
GetCurrentProcess
ExitProcess
GetThreadPriority
FreeLibrary
GetPriorityClass
GetProcessHeap
GetLastError
LoadLibraryA
ExitThread
GetStartupInfoA
GetTickCount
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
VirtualAlloc
GetProcessTimes
Sleep
GetCurrentThread
BeginPaint
GetClassLongA
GetWindowDC
UpdateWindow
ReleaseDC
GetForegroundWindow
GetWindowLongA
GetActiveWindow
CreateWindowExA
GetDC
GetSystemMetrics
IsWindowVisible
GetWindowTextLengthA
RegisterClassA
ShowWindow
GetFocus
GetWindow
GetWindowTextA
OpenIcon
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
File identification
MD5 8860b5ff0866cb2538b3564fe3b38f11
SHA1 e62b7f778658221fc3c9bafb8211f108bd7e6e7e
SHA256 9df88a0daa6005525e662fb92270b2334e190f02db5fcd184f49801ef8986064
ssdeep 3072:47cMBkhEb/8/tiKpIGGlh3J6US5T2afarJmcjvKp1vhLZmdw9lrfJ3OW:47B/b/2udZ675fcMQdOJ35

File size 175.5 KB ( 179712 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-06-22 16:48:29 UTC ( 8 years ago )
Last submission 2011-07-15 15:37:56 UTC ( 6 years, 11 months ago )
File names 0M_L.tar.bz2
QGQvLbPfea.lnk
aa
8860B5FF0866CB2538B3564FE3B38F11