× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: aaabae08273a0c91838f9a6ef0d9df93478672718296a5bfab9ef21bd20e6098
File name: 4232c0b4d3b38189f8c0ff9e964f9b4186aa5401
Detection ratio: 9 / 46
Analysis date: 2013-10-31 13:55:56 UTC ( 5 years, 5 months ago )
Antivirus Result Update
AhnLab-V3 Backdoor/Win32.ZAccess 20131031
BitDefender Gen:Variant.Kazy.276203 20131031
Emsisoft Gen:Variant.Kazy.276203 (B) 20131031
F-Secure Gen:Variant.Kazy.276203 20131031
Fortinet W32/Kryptik.BDPK!tr 20131031
GData Gen:Variant.Kazy.276203 20131031
Kaspersky HEUR:Trojan.Win32.Generic 20131031
Malwarebytes Malware.Packer.OMG 20131031
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.E 20131031
Yandex 20131030
AntiVir 20131031
Antiy-AVL 20131031
Avast 20131031
AVG 20131031
Baidu-International 20131031
Bkav 20131031
ByteHero 20131028
CAT-QuickHeal 20131031
ClamAV 20131031
Commtouch 20131031
Comodo 20131031
DrWeb 20131031
ESET-NOD32 20131031
F-Prot 20131031
Ikarus 20131031
Jiangmin 20131031
K7AntiVirus 20131031
K7GW 20131031
Kingsoft 20130829
McAfee 20131031
Microsoft 20131031
eScan 20131028
NANO-Antivirus 20131031
Norman 20131031
nProtect 20131031
Panda 20131031
Rising 20131029
Sophos AV 20131031
SUPERAntiSpyware 20131031
Symantec 20131031
TheHacker 20131029
TotalDefense 20131030
TrendMicro 20131031
VBA32 20131031
VIPRE 20131031
ViRobot 20131031
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2010-07-13 12:44:29
Entry Point 0x00005E4A
Number of sections 4
PE sections
PE imports
PSGPSampleTexture
DebugSetLevel
Direct3DCreate9
PSGPError
GetSystemTime
GetLastError
GetVolumeInformationA
CompareStringA
GetEnvironmentVariableW
GetModuleHandleA
lstrcatA
GetDiskFreeSpaceW
VirtualProtectEx
VirtualFree
GetCurrentDirectoryA
WriteFile
GetFileType
ReadConsoleW
CreateMailslotA
lstrcmpW
GetPrivateProfileIntW
GetTimeFormatA
GetProcessHeap
Number of PE resources by type
Struct(0) 1
RT_MANIFEST 1
Number of PE resources by language
FRENCH BELGIAN 1
ENGLISH US 1
PE resources
File identification
MD5 934ae106d2ec6cf4dd377adcfe960d8d
SHA1 4232c0b4d3b38189f8c0ff9e964f9b4186aa5401
SHA256 aaabae08273a0c91838f9a6ef0d9df93478672718296a5bfab9ef21bd20e6098
ssdeep
12288:7L6qwacWMAjC4qPpNFAgQVJHqA75KW2qp0tovsSxbNP0YRBjMe+jgYe:H6vacDA24YAgGqANKW2qZkFEBwe+jgY

File size 822.0 KB ( 841728 bytes )
File type unknown
Magic literal

TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2013-10-31 13:55:56 UTC ( 5 years, 5 months ago )
Last submission 2013-10-31 13:55:56 UTC ( 5 years, 5 months ago )
File names vqDq.mht
MP5v0ddY9.tgz
4232c0b4d3b38189f8c0ff9e964f9b4186aa5401
aa
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!