SHA256: 9fa7f4900ef91ffece9f9862018411d5024b1f41a6abfc44cf975a218d783ec6
Detection ratio: 15 / 42
Analysis date: 2010-03-29 09:00:02 UTC ( 8 years, 10 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Fakeav.100864 20100329
Authentium W32/FakeAlert.FT.gen!Eldorado 20100329
BitDefender Trojan.Renos.PBS 20100329
CAT-QuickHeal Win32.Packed.Krap.as.5 20100329
eTrust-Vet Win32/FakeAlert.D!generic 20100329
F-Prot W32/FakeAlert.FT.gen!Eldorado 20100329
F-Secure Trojan-Downloader:W32/Renos.gen!C 20100329
GData Trojan.Renos.PBS 20100329
McAfee Downloader-CEW 20100328
McAfee+Artemis Downloader-CEW 20100328
Panda Suspicious file 20100328
Prevx Medium Risk Malware Dropper 20100329
Rising Packer.Win32.UnkPacker.a 20100329
Sophos AV Mal/FakeAV-CX 20100329
Symantec Suspicious.Insight 20100329
a-squared 20100329
AntiVir 20100328
Antiy-AVL 20100326
Avast 20100328
Avast5 20100328
AVG 20100328
ClamAV 20100329
Comodo 20100329
DrWeb 20100328
eSafe 20100328
Fortinet 20100327
Ikarus 20100329
Jiangmin 20100329
K7AntiVirus 20100322
Kaspersky 20100329
McAfee-GW-Edition 20100328
Microsoft 20100329
NOD32 20100328
Norman 20100328
nProtect 20100328
PCTools 20100329
Sunbelt 20100329
TheHacker 20100329
TrendMicro 20100329
VBA32 20100327
ViRobot 20100329
VirusBuster 20100328
The file being studied is a Portable Executable file. More specifically, it is an unknown file.
PE header basic information
Number of sections 5
PE sections
PE imports
ImageList_GetBkColor
ImageList_Read
ImageList_Create
ImageList_Add
ImageList_Destroy
ImageList_Draw
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseColorA
FindTextA
CreateCompatibleDC
SetPixel
GetDIBits
CreatePenIndirect
LineTo
GetCommandLineA
GetSystemDefaultLangID
VirtualFree
SetErrorMode
ExitThread
ResetEvent
CreateEventA
GetDateFormatA
FreeLibrary
ExitProcess
VirtualAllocEx
InitializeCriticalSection
SetEndOfFile
lstrcpyA
FindResourceA
VirtualAlloc
LoadLibraryA
Sleep
GetCurrentThread
FormatMessageA
WriteFile
GetFileType
GetUserDefaultLCID
GetDiskFreeSpaceA
GetFileAttributesA
HeapFree
CreateFileA
RaiseException
GetOEMCP
GetStdHandle
DeleteCriticalSection
GetCurrentProcessId
GetFullPathNameA
GetModuleHandleA
GetStringTypeW
WideCharToMultiByte
GetLocaleInfoA
CompareStringA
GetEnvironmentStrings
SetHandleCount
GetVersion
time
wcsncmp
memmove
memcpy
memset
atol
wcstol
clock
tolower
sqrt
wcschr
calloc
_acmdln
strlen
malloc
_wcsnicmp
atoi
atol
wcscat
NtWaitForSingleObject
GetHGlobalFromStream
CLSIDFromProgID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
StringFromIID
CoCreateGuid
CoReleaseMarshalData
CoCreateInstanceEx
CLSIDFromString
CoRegisterClassObject
SysStringLen
SysFreeString
SafeArrayUnaccessData
SysReAllocStringLen
SysAllocStringLen
SafeArrayCreate
SafeArrayPtrOfIndex
VariantCopyInd
VariantChangeType
SafeArrayGetElement
SHFileOperationA
SHGetFolderPathA
SHGetSpecialFolderLocation
SHSetValueA
PathIsDirectoryA
PathGetCharTypeA
PathFileExistsA
GetMenu
BeginPaint
SetWindowLongA
DrawMenuBar
RegisterClassA
IsMenu
EqualRect
CreateMenu
GetScrollRange
GetScrollPos
GetCapture
ShowScrollBar
GetWindowTextA
CreateIcon
CharLowerBuffA
GetSysColorBrush
GetClassLongA
EnumChildWindows
DrawIconEx
GetCursor
EndDeferWindowPos
IsChild
CharLowerA
GetClientRect
DrawIcon
GetActiveWindow
CharToOemA
GetClassInfoA
HideCaret
SetTimer
GetMessagePos
GetLastActivePopup
IsWindowVisible
FrameRect
EnumWindows
GetPropA
GetKeyState
GetWindow
SetWindowTextA
GetForegroundWindow
GetIconInfo
GetClipboardData
SetWindowPos
GetMenuStringA
SetCursor
DrawEdge
TrackPopupMenu
GetSubMenu
GetMenuItemCount
IsWindowEnabled
GetCursorPos
DispatchMessageA
DefWindowProcA
DefFrameProcA
BeginDeferWindowPos
EnableScrollBar
GetFocus
SystemParametersInfoA
DrawTextA
CharNextA
DrawFrameControl
GetParent
GetDlgItem
GetSysColor
CallWindowProcA
GetDesktopWindow
IsDialogMessageA
EnableWindow
CallNextHookEx
GetMenuItemInfoA
GetDCEx
VerInstallFileA
GetFileVersionInfoSizeA
GetFileVersionInfoA
File identification
MD5 bd5e1fd2eab6a0bf6cdec6084fbf5aea
SHA1 1113e1d014572bc647296a80a3ded96ffca32328
SHA256 9fa7f4900ef91ffece9f9862018411d5024b1f41a6abfc44cf975a218d783ec6
ssdeep
3072:KO4S4Zc6kWBraFtuq/JYW2+haDg2E886VuBfx:KzZcKBraF4q/Jj7h2g2Epl

File size 98.5 KB ( 100864 bytes )
File type unknown
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (51.6%)
Windows Screen Saver (17.9%)
Win32 Executable Generic (11.6%)
Win32 Dynamic Link Library (generic) (10.3%)
Clipper DOS Executable (2.7%)
VirusTotal metadata
First submission 2010-03-29 09:00:02 UTC ( 8 years, 10 months ago )
Last submission 2010-03-29 09:00:02 UTC ( 8 years, 10 months ago )