SHA256: a7ea2d67bde0077003132ac2a61ac690f9fa4e542491cd395a6693383831e28a
File name: AEF5342541BEAE2A9A1D026B757D3612
Detection ratio: 37 / 43
Analysis date: 2011-07-15 12:11:23 UTC ( 6 years, 11 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Fraudpack.25600.AX 20110714
AntiVir TR/Crypt.XPACK.Gen3 20110714
Avast Win32:Malware-gen 20110714
Avast5 Win32:Malware-gen 20110714
AVG Generic17.AZHO 20110714
BitDefender Trojan.Generic.KD.6296 20110714
CAT-QuickHeal Trojan.FraudPack.aykc 20110713
Commtouch W32/MalwareS.ACPJ 20110714
Comodo MalCrypt.Indus! 20110714
DrWeb Trojan.Packed.20771 20110714
Emsisoft Packed.Win32.Katusha!IK 20110714
eTrust-Vet Win32/Tnega.CRV 20110714
F-Prot W32/MalwareS.ACPJ 20110713
F-Secure Trojan.Generic.KD.6296 20110714
Fortinet W32/FraudLoad.DIA!tr 20110714
GData Trojan.Generic.KD.6296 20110714
Ikarus Packed.Win32.Katusha 20110714
Jiangmin Trojan/FraudPack.xie 20110713
K7AntiVirus Riskware 20110713
Kaspersky Packed.Win32.Katusha.o 20110714
McAfee Generic.dx!thw 20110714
McAfee-GW-Edition Generic.dx!thw 20110714
Microsoft Trojan:Win32/Killav.EL 20110714
NOD32 Win32/KillProt.AA 20110714
Norman W32/Suspicious_Gen2.DCQUH 20110714
nProtect Gen:Variant.Alureon.4 20110714
Panda Trj/KillAV.FJ 20110713
PCTools Trojan.KillAV!rem 20110713
Prevx High Risk Cloaked Malware 20110715
Sophos AV Mal/Generic-L 20110714
SUPERAntiSpyware Trojan.Agent/Gen-Falprod 20110714
Symantec Trojan.KillAV 20110714
TrendMicro TROJ_KILLAV.AHG 20110714
TrendMicro-HouseCall TROJ_KILLAV.AHG 20110714
VBA32 Trojan.MTE.0581 20110714
VIPRE Trojan.KillAV 20110714
VirusBuster Trojan.KillProt!FxKGNJniqDw 20110713
Antiy-AVL 20110714
ClamAV 20110714
eSafe 20110713
Rising 20110714
TheHacker 20110714
ViRobot 20110714
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright Yqovuszywwsjlooysz Orxvpuxzruwv Xprutvyxzyqgelvtcjhryw
Publisher Ewuzxpwudkibigdbisqxvce Iknkirywwzzqtvuxzy Wsuqloqpsutwyxpdkipnussuxrywvr
Product Ovuxzeqs Gomtsqxypzrzqs Vwztvycahrpwvtsuxahgelvtgnlvp Qxvel
File version 4.2.1.8
Description Szjmorqktryweljqljqohom Masryw Xzacfhhbegjcuxzacfru Egjipnvyxqseljgjlecjtrywyq
PE header basic information
Number of sections 5
PE sections
PE imports
RegQueryValueExA
RegDeleteValueW
RegOpenKeyExW
CreateDCW
SetBkColor
GetBkColor
CreateDCA
EnumObjects
StretchDIBits
EnumFontsA
StretchBlt
CreateFontW
MaskBlt
CreatePen
FillPath
GetCurrentThreadId
GetVersionExA
GetFullPathNameW
TerminateProcess
GetShortPathNameA
GetShortPathNameW
CreateWaitableTimerA
GetModuleHandleA
GetSystemDefaultUILanguage
FreeLibrary
_hwrite
VirtualAlloc
MulDiv
TerminateThread
QueryPerformanceCounter
GetCurrentProcessId
lstrcpyW
GetAtomNameW
StrChrIW
StrCmpNIW
AssocCreate
SetDlgItemTextA
SetTimer
DispatchMessageW
DestroyWindow
LoadIconA
GetParent
SetWindowLongA
IsCharLowerA
GetIconInfo
LoadStringA
SendMessageW
EndDialog
DialogBoxParamA
GetSystemMetrics
BeginPaint
PostMessageW
CharPrevExA
GetFocus
EndPaint
GetWindowLongW
LoadCursorW
DialogBoxParamW
DialogBoxParamW
GetFocus
GetClientRect
TranslateMessageEx
SetWindowTextA
CharNextW
KillTimer
PostQuitMessage
GetDlgItemTextA
SendMessageA
SetForegroundWindow
SetDlgItemInt
PeekMessageW
LoadIconA
CharPrevA
LoadIconW
DefWindowProcW
GetSysColorBrush
ReleaseDC
GetDesktopWindow
LoadStringW
File identification
MD5 aef5342541beae2a9a1d026b757d3612
SHA1 c32a26dcbfef90d0fd5880775aea705e7e1de474
SHA256 a7ea2d67bde0077003132ac2a61ac690f9fa4e542491cd395a6693383831e28a
ssdeep 768:BABW4FESKVNiv+RiYz6yo10TdsEGJLPJu:WBW4FE/Niv+RMylsHJj
File size 25.0 KB ( 25600 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ 4.x (55.5%)
Win64 Executable Generic (35.3%)
Win32 Executable Generic (3.5%)
Win32 Dynamic Link Library (generic) (3.1%)
Win16/32 Executable Delphi generic (0.8%)
VirusTotal metadata
First submission 2010-03-23 03:07:22 UTC ( 8 years, 3 months ago )
Last submission 2011-07-15 12:11:23 UTC ( 6 years, 11 months ago )
File names AEF5342541BEAE2A9A1D026B757D3612
5BEm7v.tif
R4IaAA.com
aa