SHA256: ba37f14276198e0a1f4ee0f6c6b2472ed5bad0aa738706031ecfa5adb70b2efe
File name: ABB720512B3CA2AEE08EBC2396D4D894
Detection ratio: 37 / 43
Analysis date: 2011-07-15 12:17:12 UTC ( 7 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Fakeav.183296.M 20110715
AntiVir TR/Crypt.XPACK.Gen 20110715
Avast Win32:MalOb-AL 20110715
Avast5 Win32:MalOb-AL 20110715
AVG Generic17.AUTE 20110715
BitDefender Trojan.Generic.3575332 20110715
CAT-QuickHeal Trojan.FraudPack.appl 20110715
Commtouch W32/FakeSec.D.gen!Eldorado 20110715
Comodo TrojWare.Win32.Trojan.Agent.Gen 20110715
Emsisoft Trojan.Win32.FakeAV!IK 20110715
eSafe Win32.RogueFakeAlert 20110714
eTrust-Vet Win32/Katusha.B!packed 20110715
F-Prot W32/FakeSec.D.gen!Eldorado 20110714
F-Secure Rogue:W32/FakeAlert.MF 20110715
Fortinet W32/FraudPack.fam!tr 20110715
GData Trojan.Generic.3575332 20110715
Ikarus Trojan.Win32.FakeAV 20110715
Jiangmin Trojan/FraudPack.stk 20110714
K7AntiVirus Trojan 20110714
Kaspersky Trojan.Win32.FraudPack.appl 20110715
McAfee FakeAlert-WwSec.e 20110715
McAfee-GW-Edition FakeAlert-WwSec.e 20110715
Microsoft Rogue:Win32/FakeRean 20110715
NOD32 a variant of Win32/Kryptik.DKW 20110715
Norman Suspicious_Gen2.AJVFW 20110715
Panda Trj/Katusha.J 20110714
PCTools Application.RogueAVPacker 20110713
Rising Trojan.Win32.Generic.11E694FF 20110715
Sophos AV Mal/FakeAV-BT 20110715
SUPERAntiSpyware Trojan.Agent/Gen-FakeAV[Delphi] 20110715
Symantec Packed.Mystic!gen4 20110715
TheHacker Trojan/FraudPack.appl 20110715
TrendMicro TROJ_KRAP.SMEP 20110715
TrendMicro-HouseCall TROJ_KRAP.SMEP 20110715
VBA32 OScope.Trojan.0216 20110715
VIPRE VirTool.Win32.Obfuscator.hg!a (v) 20110715
VirusBuster Trojan.Fraudpack.Gen!Pac.5 20110714
Antiy-AVL 20110715
ClamAV 20110714
DrWeb 20110715
nProtect 20110715
Prevx 20110715
ViRobot 20110715
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
RegEnumKeyExA
OpenServiceA
OpenSCManagerA
OpenProcessToken
LookupPrivilegeValueA
ControlService
AdjustTokenPrivileges
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
EqualSid
CloseServiceHandle
DeleteService
FreeSid
RegDeleteKeyA
AllocateAndInitializeSid
RegCloseKey
RegSetValueExA
GetTokenInformation
Sleep
MoveFileExA
RemoveDirectoryA
GetProcAddress
SetUnhandledExceptionFilter
TerminateProcess
CreateFileW
CreateFileMappingA
GetStartupInfoA
MapViewOfFile
GetLastError
InterlockedExchange
GetFileSize
lstrcpyA
FreeLibrary
DeleteFileA
WaitForSingleObject
GlobalAlloc
GetVersionExA
FindFirstFileA
SetEndOfFile
GetCurrentProcess
SetFileAttributesA
CreateDirectoryA
GetCommandLineA
VirtualProtect
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetFileType
GetTickCount
InterlockedCompareExchange
GetSystemDirectoryA
lstrcpynA
CloseHandle
GlobalFree
GetPrivateProfileStringA
lstrcatA
QueryPerformanceCounter
UnmapViewOfFile
GetModuleHandleA
GetShortPathNameA
lstrlenA
CreateProcessA
UnhandledExceptionFilter
GetExitCodeProcess
FindNextFileA
SetFilePointer
GetWindowsDirectoryA
GetCurrentProcessId
CreateFileA
FindClose
strchr
_mbscmp
__setusermatherr
_access
_amsg_exit
_mbschr
__set_app_type
malloc
__p__commode
_mbsinc
memset
_adjust_fdiv
_mbsupr
_mbsstr
memmove
_XcptFilter
strstr
__getmainargs
_cexit
_initterm
_exit
_terminate@@YAXXZ
__p__fmode
_acmdln
exit
_controlfp
_mbsicmp
_ismbblead
strtok
_getcwd
memcpy
RtlUnwind
SetupDiDeleteDeviceInfo
SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyA
wsprintfA
SendMessageA
ExitWindowsEx
LoadStringA
MessageBoxA
LoadIconA
FindWindowA
File identification
MD5 abb720512b3ca2aee08ebc2396d4d894
SHA1 06e94b447d317e8938db93d9796ee18d39bc8162
SHA256 ba37f14276198e0a1f4ee0f6c6b2472ed5bad0aa738706031ecfa5adb70b2efe
ssdeep 3072:8FPY/YQPhPHONbO9RgiL7pfx3QObCSVRsboI7PqG/dA3uzKPCkCzbWhKNX/S:8FsYQtONK9RB55sSV2bnPnOuzfdzbJ0

File size 179.0 KB ( 183296 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-04-01 12:18:11 UTC ( 8 years, 9 months ago )
Last submission 2011-07-15 12:17:12 UTC ( 7 years, 6 months ago )
File names ABB720512B3CA2AEE08EBC2396D4D894