SHA256: b86ad0c8f3cc0b8512b55a9ca82b90b6041197077160a0fc7e0803deb8b89332
Detection ratio: 23 / 41
Analysis date: 2010-08-25 20:26:22 UTC ( 8 years, 6 months ago )
Antivirus Result Update
AntiVir TR/Agent.GX.709 20100825
Antiy-AVL Packed/Win32.Krap.gen 20100823
Avast Win32:Malware-gen 20100825
Avast5 Win32:Malware-gen 20100825
AVG Generic18.AIMH 20100825
BitDefender Trojan.Zbot.610 20100825
DrWeb Trojan.Packed.20343 20100825
Emsisoft Trojan.Zbot!IK 20100825
eTrust-Vet Win32/Zbot.CJP 20100825
F-Secure Trojan.Zbot.610 20100825
GData Trojan.Zbot.610 20100825
Ikarus Trojan.Zbot 20100825
Jiangmin Packed.Krap.cyds 20100825
Kaspersky Packed.Win32.Krap.gx 20100825
NOD32 a variant of Win32/Kryptik.FMT 20100825
Norman W32/Suspicious_Gen2.BOUQW 20100825
nProtect Trojan.Zbot.610 20100825
Panda Trj/Krapack.gen 20100825
Prevx Medium Risk Malware 20100825
Sophos AV Mal/Zbot-U 20100825
Sunbelt Trojan.Win32.Zbot.Gen.2 (v) 20100825
TheHacker Trojan/Kryptik.fmt 20100825
VBA32 Win32.Spy.Zbot.YW 20100825
AhnLab-V3 20100825
Authentium 20100825
CAT-QuickHeal 20100824
ClamAV 20100825
Comodo 20100825
eSafe 20100825
F-Prot 20100825
Fortinet 20100825
McAfee 20100825
Microsoft 20100825
PCTools 20100825
Rising 20100825
SUPERAntiSpyware 20100825
Symantec 20100825
TrendMicro 20100825
TrendMicro-HouseCall 20100825
ViRobot 20100825
VirusBuster 20100825
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
VirtualFree
LocalAlloc
GetCurrentThreadId
LocalFree
GetCommandLineW
SetEvent
GetCurrentProcess
GetTickCount
LocalAlloc
GetCurrentProcessId
GetACP
FindResourceA
GetTickCount
FormatMessageW
GetModuleFileNameA
SetEvent
GetCurrentThreadId
LocalFree
MultiByteToWideChar
GetModuleHandleA
GetCommandLineA
GetModuleHandleW
NtAllocateVirtualMemory
EndPaint
EndPaint
GetDlgCtrlID
SendDlgItemMessageW
LoadImageW
BeginPaint
EnableMenuItem
MoveWindow
SetWindowPos
GetMessageW
KillTimer
GetDlgCtrlID
GetSysColor
EndPaint
GetDlgCtrlID
BeginPaint
EndPaint
PostMessageW
DialogBoxParamW
CheckDlgButton
DialogBoxParamW
SendDlgItemMessageW
GetCursorPos
LoadImageW
DialogBoxParamW
LoadAcceleratorsW
GetDlgCtrlID
IsDlgButtonChecked
SetWindowPos
EndPaint
File identification
MD5 d2ce3b04d993ccbce1778899af7f76f7
SHA1 4ecb16fa66e85abfe941dded7351645db1106346
SHA256 b86ad0c8f3cc0b8512b55a9ca82b90b6041197077160a0fc7e0803deb8b89332
ssdeep
768:cUwP5nXXnqWTfU0CFCcPogXloB3P3vE6JksvrSX//xSk8jP+f+dkEe4QO3y2DfOG:rwgiUcJg1oB3P38ANvrSr8z+gLaSbfRT

File size 55.7 KB ( 57078 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (35.1%)
Win32 Dynamic Link Library (generic) (31.2%)
Win16/32 Executable Delphi generic (8.5%)
Clipper DOS Executable (8.3%)
Generic Win/DOS Executable (8.2%)
VirusTotal metadata
First submission 2010-08-25 20:26:22 UTC ( 8 years, 6 months ago )
Last submission 2010-08-25 20:26:22 UTC ( 8 years, 6 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight