SHA256: a3cb99f91ad4708ec7ea443ab429277f2c11c23020c5ae5d48b093459b2b3370
File name: aa
Detection ratio: 36 / 42
Analysis date: 2010-11-24 23:00:38 UTC ( 7 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Zbot 20101123
AntiVir TR/Spyeye.H.12 20101124
Antiy-AVL Trojan/Win32.SpyEyes.gen 20101124
Avast Win32:Malware-gen 20101124
Avast5 Win32:Malware-gen 20101124
AVG Generic19.XB 20101124
BitDefender MemScan:Trojan.Generic.4702959 20101124
Command W32/Skintrim.1!Generic 20101124
Comodo UnclassifiedMalware 20101124
DrWeb Trojan.PWS.SpySweep.30 20101124
eTrust-Vet Win32/Zbot.M!generic 20101124
F-Prot W32/Skintrim.1!Generic 20101124
F-Secure MemScan:Trojan.Generic.4702959 20101124
Fortinet W32/Zbot.U!tr 20101123
GData MemScan:Trojan.Generic.4702959 20101124
Ikarus Trojan-Spy.Win32.Zbot 20101124
Jiangmin TrojanSpy.SpyEyes.akb 20101120
K7AntiVirus Virus 20101124
Kaspersky Trojan-Spy.Win32.SpyEyes.aja 20101124
McAfee Generic.dx!tpj 20101124
McAfee-GW-Edition Generic.dx!tpj 20101124
Microsoft Trojan:Win32/Spyeye.H 20101124
NOD32 Win32/Spy.SpyEye.BX 20101124
Norman W32/Suspicious_Gen2.BZACI 20101124
nProtect MemScan:Trojan.Generic.4702959 20101124
Panda Generic Trojan 20101124
PCTools Trojan.Gen 20101124
Prevx Medium Risk Malware 20101125
Sophos AV Mal/Zbot-U 20101124
Symantec Trojan.Gen 20101124
TheHacker Trojan/Spy.SpyEye.bx 20101123
TrendMicro TROJ_GEN.R4CE1I6 20101124
TrendMicro-HouseCall TROJ_GEN.R4CE1I6 20101124
VBA32 BScope.Psyhopath.xh 20101124
VIPRE Packed.Win32.Zbot.gen.y.5 (v) 20101124
VirusBuster TrojanSpy.SpyEyes!d+H9a4Amwgk 20101124
CAT-QuickHeal 20101124
ClamAV 20101124
eSafe 20101124
Rising 20101124
SUPERAntiSpyware 20101124
ViRobot 20101124
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
FileVersionInfo properties
Copyright 1992-2007
Publisher vahgibcbj
File version 39.110.29.69
Description ajwehskbbiwt
Comments ycatejkdv
Packers identified
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Number of sections 3
PE sections
PE imports
ImageList_Draw
PrintDlgA
EndDoc
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
CoInitialize
ShellExecuteA
VerQueryValueA
File identification
MD5 b7af3f3d90a3a489f12e2fac2a14fbdf
SHA1 c74b18057156a31c9937ca914dc4be85f596bac2
SHA256 a3cb99f91ad4708ec7ea443ab429277f2c11c23020c5ae5d48b093459b2b3370
ssdeep 3072:Yu85uq4l/MwwmH04ZF8JWBrBPMlijSePEXra8gIvaVZSbSQxyCB1tq:Gf4l/RUa6urB6iqXra8Zv8ZqSOXtq

File size 152.5 KB ( 156160 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
VirusTotal metadata
First submission 2010-08-29 14:05:32 UTC ( 7 years, 9 months ago )
Last submission 2010-11-24 23:00:38 UTC ( 7 years, 6 months ago )
File names 3Q2QC3s4JP.png
aa
qm5uPM9JUG.rtf
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight