SHA256: b8cbce47424868b1c3dd2b591bed8fde1f8ceabf57fc71c4f2cb857d0bcdacfe
File name: aa
Detection ratio: 31 / 41
Analysis date: 2010-07-17 10:33:30 UTC ( 7 years, 11 months ago )
Antivirus Result Update
a-squared Trojan-Banker.Win32.Banker!IK 20100716
AhnLab-V3 Trojan/Win32.FakeMSN 20100716
AntiVir TR/PSW.FakeMSN.IQ 20100716
Avast Win32:Malware-gen 20100716
Avast5 Win32:Malware-gen 20100716
AVG PSW.Generic8.AXG 20100716
BitDefender Trojan.Generic.4162550 20100717
CAT-QuickHeal TrojanPSW.FakeMSN.iq 20100716
Comodo Heur.Suspicious 20100717
DrWeb Trojan.PWS.Banker.48917 20100717
eSafe Win32.Bloodhound.Ban 20100715
F-Secure Trojan.Generic.4162550 20100717
Fortinet W32/Banker.EXF!tr 20100716
GData Trojan.Generic.4162550 20100717
Ikarus Trojan-Banker.Win32.Banker 20100716
Jiangmin Trojan/PSW.FakeMsn.aj 20100717
Kaspersky Trojan-PSW.Win32.FakeMSN.iq 20100717
McAfee Artemis!890EB5C965AA 20100717
McAfee-GW-Edition Artemis!890EB5C965AA 20100716
Microsoft TrojanSpy:Win32/Mafod!rts 20100717
NOD32 Win32/Spy.Banker.UCM 20100716
Norman W32/Bancos.AOSN 20100716
nProtect Trojan-PWS/W32.FakeMSN.2132480 20100717
Panda Trj/CI.A 20100716
PCTools HeurEngine.Bancos 20100717
Rising Trojan.Win32.Generic.52083984 20100716
Sophos AV Troj/Banker-EXF 20100717
Sunbelt Trojan.Win32.Generic!BT 20100717
Symantec Bloodhound.Bancos.1 20100717
VBA32 Trojan-Banker.Win32.Banker.awsi 20100716
VirusBuster Trojan.PWS.FakeMSN.AP 20100716
Antiy-AVL 20100715
Authentium 20100717
ClamAV 20100717
eTrust-Vet 20100716
F-Prot 20100717
SUPERAntiSpyware 20100717
TheHacker 20100716
TrendMicro 20100716
TrendMicro-HouseCall 20100717
ViRobot 20100717
The file being studied is a Portable Executable file. More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
RegCloseKey
ImageList_Add
SaveDC
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
OleDraw
VariantCopy
VerQueryValueA
FindCloseUrlCache
File identification
MD5 890eb5c965aabac806fbf5625987143e
SHA1 492a51cc0a68c9e8da20dbcd8651cfa25fe139a0
SHA256 b8cbce47424868b1c3dd2b591bed8fde1f8ceabf57fc71c4f2cb857d0bcdacfe
ssdeep
49152:Co+WBMMSkykM3li8BgSb1PsXnZzMiuBZqQftVfx8EItmYe6BcytR0DZ:loohWgShoh1uBZqQ7xTItmYe6HR0

File size 2.0 MB ( 2132480 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
VirusTotal metadata
First submission 2010-06-10 07:12:36 UTC ( 8 years ago )
Last submission 2010-07-17 10:33:30 UTC ( 7 years, 11 months ago )
File names mi6cRHL.rar
aa
PV_Sn5Gx.ocx