× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a7fc8ced510207179489518f974c815d7076715f288b8dc94356c7bd2b729507
Detection ratio: 40 / 42
Analysis date: 2010-12-20 21:10:44 UTC ( 7 years, 7 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Onlinegamehack.17960.CN 20101220
AntiVir TR/PSW.Magania.dplb 20101220
Antiy-AVL Trojan/Win32.OnLineGames.gen 20101220
Avast Win32:Lolyda-B 20101220
Avast5 Win32:Lolyda-B 20101220
AVG PSW.OnlineGames3.ARSX 20101220
BitDefender Trojan.Generic.5097215 20101220
CAT-QuickHeal Win32.PWS.Dozmot.D.3 20101220
ClamAV Trojan.Spy-73885 20101220
Command W32/OnlineGames.A.gen!GSA 20101220
Comodo TrojWare.Win32.PSW.OnlineGames.~BNKB 20101220
DrWeb Trojan.PWS.Gamania.27999 20101220
eTrust-Vet Win32/Onlinegames!generic 20101220
F-Prot W32/OnlineGames.A.gen!GSA 20101220
F-Secure Trojan.Generic.5097215 20101220
GData Trojan.Generic.5097215 20101220
Ikarus Trojan-GameThief.Win32.OnLineGames 20101220
Jiangmin Trojan/PSW.OnLineGames.btwb 20101220
K7AntiVirus Riskware 20101220
Kaspersky Trojan-GameThief.Win32.OnLineGames.bnkb 20101220
McAfee Artemis!E00EFBC159BB 20101220
McAfee-GW-Edition Heuristic.BehavesLike.Win32.ModifiedUPX.F 20101220
Microsoft PWS:Win32/Dozmot.D 20101220
NOD32 a variant of Win32/PSW.OnLineGames.NSU 20101220
Norman W32/OnLineGames.LUQH 20101220
nProtect Trojan-PWS/W32.WebGame.17960.AO 20101220
Panda Trj/Lineage.LNC 20101220
PCTools Trojan-PSW.Onlinegame!rem 20101220
Prevx Medium Risk Malware 20101220
Rising Trojan.PSW.Win32.GameOL.yzx 20101220
Sophos AV Mal/Generic-L 20101220
SUPERAntiSpyware Trojan.Agent/Gen-OnlineGames 20101220
Symantec Infostealer.Onlinegame 20101220
TheHacker Trojan/OnLineGames.bnkb 20101220
TrendMicro TSPY_GAMETHI.SMJ 20101220
TrendMicro-HouseCall TSPY_GAMETHI.SMJ 20101220
VBA32 Trojan-Dropper.Agent.11121 20101220
VIPRE Trojan.Win32.Generic!BT 20101220
ViRobot Trojan.Win32.PSWIGames.17960.X 20101220
VirusBuster Trojan.DR.Dozmot.Gen 20101220
eSafe 20101219
Fortinet 20101219
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
Packers identified
PEiD UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Number of sections 3
PE sections
PE imports
RegEnumKeyA
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
wsprintfA
File identification
MD5 e00efbc159bbd48b347aff3da0d99ce3
SHA1 2fea6fec405292b9a37b99c1d252a2bb7dd31f77
SHA256 a7fc8ced510207179489518f974c815d7076715f288b8dc94356c7bd2b729507
ssdeep
384:M7oOdFv1PJc85puFMwehYol4mPo9cv8Mu7svXUaNJawcudoD7U0w2Jn:Sok6cYolvP4cv8RsP9nbcuyD7UOn

File size 17.5 KB ( 17960 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
VirusTotal metadata
First submission 2010-09-18 02:45:42 UTC ( 7 years, 11 months ago )
Last submission 2010-12-20 21:10:44 UTC ( 7 years, 7 months ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!