SHA256: b82ab51b740d6f5f6c90cf8c0c2d1d1b152e75c96174f11f2d5f1fe13cb88b07
File name: aa
Detection ratio: 18 / 40
Analysis date: 2010-06-11 11:58:23 UTC ( 8 years, 4 months ago )
Antivirus Result Update
a-squared Gen.Variant!IK 20100611
AhnLab-V3 Malware/Win32.Generic 20100611
Avast Win32:Rootkit-gen 20100611
Avast5 Win32:Rootkit-gen 20100610
AVG Generic18.HKL 20100610
BitDefender Gen:Variant.Zbot.6 20100611
DrWeb BackDoor.Gootkit.28 20100611
F-Secure Gen:Variant.Zbot.6 20100611
GData Gen:Variant.Zbot.6 20100611
Ikarus Gen.Variant 20100611
McAfee-GW-Edition Win32.NewMalware.RE 20100611
NOD32 a variant of Win32/Kryptik.EQX 20100611
Norman W32/IrcBot.BBUI 20100610
nProtect Gen:Variant.Zbot.6 20100611
Panda Malicious Packer 20100610
Rising Trojan.Win32.Generic.52084A60 20100611
Sophos AV Mal/EncPk-QH 20100611
VBA32 BScope.Trojan.TDSS 20100610
AntiVir 20100611
Antiy-AVL 20100611
Authentium 20100611
CAT-QuickHeal 20100611
ClamAV 20100611
Comodo 20100611
eSafe 20100610
eTrust-Vet 20100611
F-Prot 20100611
Fortinet 20100610
Jiangmin 20100611
Kaspersky 20100611
McAfee 20100611
Microsoft 20100611
PCTools 20100611
Sunbelt 20100611
Symantec 20100611
TheHacker 20100611
TrendMicro 20100611
TrendMicro-HouseCall 20100611
ViRobot 20100611
VirusBuster 20100610
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
RegOpenKeyW
RegOpenKeyA
CloseHandle
GetThreadLocale
GetProcAddress
VirtualProtect
LoadLibraryA
LocalAlloc
GetSystemInfo
GetModuleHandleA
VirtualAlloc
EndPaint
CharNextA
GetMessageA
TranslateMessage
DispatchMessageA
BeginPaint
File identification
MD5 33e96a3d1804f3ed0bc7f7e157d18304
SHA1 fead1e0fded6c6dc9ad859aff3f474bf829e368b
SHA256 b82ab51b740d6f5f6c90cf8c0c2d1d1b152e75c96174f11f2d5f1fe13cb88b07
ssdeep
1536:zutAlapLSjQZm8Pd+3V79rF0xcVGPT7h6U6t4eS+I:zuKlapcQDPdGrFycVGPAUZe

File size 71.0 KB ( 72704 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-06-10 14:22:31 UTC ( 8 years, 4 months ago )
Last submission 2010-06-11 11:58:23 UTC ( 8 years, 4 months ago )
File names t6cIO1.scr
aa
b3ipClv.xls
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight