SHA256: ba11732fae0917ebe27633463e7f7a84776aa9557bfc6b352d2ec6bc39b02074
File name: aa
Detection ratio: 34 / 41
Analysis date: 2010-05-14 14:24:42 UTC ( 8 years, 8 months ago )
Antivirus Result Update
a-squared Trojan-Ransom.Win32.XBlocker!IK 20100510
AhnLab-V3 Win-Trojan/Lmirhack.110592.U 20100514
AntiVir TR/Dropper.Gen 20100514
Antiy-AVL Worm/Win32.Koobface.gen 20100514
Authentium W32/VBTrojan.Dropper.4!Maximus 20100514
Avast Win32:Malware-gen 20100513
Avast5 Win32:Malware-gen 20100513
AVG Generic17.ANKF 20100514
BitDefender Trojan.Generic.3568575 20100514
CAT-QuickHeal I-Worm.Koobface.ggf 20100514
Comodo TrojWare.Win32.Trojan.Agent.Gen 20100514
eSafe Win32.TRDropper 20100513
F-Prot W32/VBTrojan.Dropper.4!Maximus 20100514
F-Secure Trojan.Generic.3568575 20100514
GData Trojan.Generic.3568575 20100514
Ikarus Trojan-Ransom.Win32.XBlocker 20100514
Jiangmin Worm/Koobface.axl 20100514
Kaspersky Net-Worm.Win32.Koobface.ggf 20100514
McAfee PWS-LDPinch!dl 20100514
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Downloader.D 20100514
Microsoft VirTool:Win32/VBInject.gen!DG 20100514
NOD32 probably a variant of Win32/Injector.BFV 20100514
Norman W32/Ldpinch.BJQT 20100514
nProtect Trojan.Generic.3568575 20100514
Panda Generic Trojan 20100514
PCTools HeurEngine.MaliciousPacker 20100514
Prevx High Risk Cloaked Malware 20100514
Rising Trojan.Win32.Generic.51FD1C60 20100514
Sophos AV Mal/Koobface-B 20100514
Sunbelt Trojan.Win32.Generic!BT 20100514
Symantec Packed.Generic.296 20100514
TheHacker Trojan/Injector.bfs 20100513
VBA32 Trojan.VBO.014215 20100514
VirusBuster Trojan.DR.Agent.UVIG 20100513
ClamAV 20100514
DrWeb 20100514
eTrust-Vet 20100514
Fortinet 20100514
TrendMicro 20100514
TrendMicro-HouseCall 20100514
ViRobot 20100514
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
FileVersionInfo properties
Copyright oDljaWJO
Publisher ZuVsOgHn
Product PMARyrvO
Original name CByJnRqbIMknHUZH.exe
Internal name CByJnRqbIMknHUZH
File version 4.04.0004
Description hYdNnRCx
Comments NwOZqgbX
PE header basic information
Number of sections 3
PE sections
PE imports
GetProcAddress
CreateProcessW
RtlMoveMemory
LoadLibraryA
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
(5 more function(s) imported by ordinal)
File identification
MD5 59948becda55c73b90b3939c285a5947
SHA1 2334e9792da83f97ad9710629cbb0343166ba312
SHA256 ba11732fae0917ebe27633463e7f7a84776aa9557bfc6b352d2ec6bc39b02074
ssdeep 3072:ICTYSqvyZTVXNarSz7ORGOH9TBbQOiPlxla3MFBJq0U4:ICslvyFVX4W+RTBMla85q0H
File size 108.0 KB ( 110592 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-04-01 20:41:58 UTC ( 8 years, 9 months ago )
Last submission 2010-05-14 14:24:42 UTC ( 8 years, 8 months ago )
File names RwSehsf.dll
aa
0RAfyr.gif