SHA256: ab42c4c82b8e9c05e9f1d18485284f4f3561d6050672d778a99c3c2389b17d69
File name: 349C60EFBAB5CB75CE0B97615507F518
Detection ratio: 40 / 43
Analysis date: 2011-07-17 15:51:13 UTC ( 7 years, 3 months ago )
Antivirus Result Update
AhnLab-V3 Trojan/Win32.Shutdowner 20110717
AntiVir TR/Dropper.Gen 20110715
Antiy-AVL Trojan/win32.agent 20110715
Avast NSIS:FakeAV-L [Drp] 20110717
Avast5 NSIS:FakeAV-L [Drp] 20110717
AVG Generic16.JTA 20110717
BitDefender Trojan.Generic.4412603 20110717
CAT-QuickHeal Trojan.Shutdowner.ecc 20110717
ClamAV Trojan.Banker-244 20110717
Commtouch W32/FakeAlert.BI.gen!Eldorado 20110717
Comodo TrojWare.Win32.ShutDowner.NSIS 20110717
DrWeb Trojan.Fakealert.14920 20110717
Emsisoft Trojan.Win32.Shutdowner!IK 20110717
eSafe Win32.TRDropper 20110717
eTrust-Vet Win32/Shutdowner.C 20110715
F-Prot W32/FakeAlert.BI.gen!Eldorado 20110717
F-Secure Trojan.Generic.4412603 20110717
GData Trojan.Generic.4412603 20110717
Ikarus Trojan.Win32.Shutdowner 20110717
K7AntiVirus Riskware 20110715
Kaspersky Trojan.Win32.Shutdowner.ehz 20110717
McAfee FakeAlert-DB 20110717
McAfee-GW-Edition FakeAlert-DB 20110716
Microsoft Rogue:Win32/PrivacyCenter 20110717
NOD32 Win32/Adware.PrivacyCenter.AF 20110717
Norman W32/FakeAV.LTU 20110717
nProtect Trojan/W32.Agent.1594317 20110717
Panda Adware/PrivacyCenter 20110717
PCTools RogueAntiSpyware.Generic 20110713
Prevx Medium Risk Malware 20110717
Rising Trojan.Win32.Generic.11E2E944 20110715
Sophos AV Mal/FakeAV-AA 20110717
SUPERAntiSpyware Trojan.Agent/Gen-CodecFake 20110717
Symantec Trojan.Gen 20110717
TheHacker Trojan/Shutdowner.ecc 20110717
TrendMicro TROJ_NSIS.AX 20110717
TrendMicro-HouseCall TROJ_NSIS.AX 20110717
VBA32 Trojan.Win32.Shutdowner.eqh 20110715
VIPRE Trojan.Win32.Generic.pak!cobra 20110717
VirusBuster Trojan.Shutdowner!zgKR6hEKpd8 20110716
Fortinet 20110717
Jiangmin 20110714
ViRobot 20110717
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 5
PE sections
PE imports
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
(1 more function(s) imported by ordinal)
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
File identification
MD5 349c60efbab5cb75ce0b97615507f518
SHA1 0edd32eafc5a29d52146e3b5bf7bb72d9ac58302
SHA256 ab42c4c82b8e9c05e9f1d18485284f4f3561d6050672d778a99c3c2389b17d69
ssdeep 49152:1CC67Fe2RZ1UH4imhLgCGLvEcTIMMdY17XX:1q7FeuSYimHQvx/yY1r
File size 1.5 MB ( 1594317 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
VirusTotal metadata
First submission 2009-12-28 15:24:36 UTC ( 8 years, 9 months ago )
Last submission 2011-07-17 15:51:13 UTC ( 7 years, 3 months ago )
File names 349C60EFBAB5CB75CE0B97615507F518