× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bbc40cb0a541f8ec9133840007ebffd39f539e3bf795f9d92ef8a56d689b17d5
File name: e1b846053528bdb79e0b1f3ba1d79788
Detection ratio: 46 / 55
Analysis date: 2014-10-04 19:10:25 UTC ( 4 years, 4 months ago )
Antivirus Result Update
Ad-Aware Gen:Heur.Zygug.5 20141004
Yandex Trojan.Agent!getGgWAHokA 20141003
AhnLab-V3 Trojan/Win32.Dorkbot 20141004
Antiy-AVL Trojan[Backdoor]/Win32.Androm 20141004
Avast Win32:Virtu-B 20141004
AVG BackDoor.Generic17.JGN 20141004
Avira (no cloud) TR/Patched.Ren.Gen2 20141004
AVware Trojan.Win32.Zbot.fdm (v) 20141004
Baidu-International Worm.Win32.Dorkbot.bB 20141004
BitDefender Gen:Heur.Zygug.5 20141004
Bkav W32.HfsAutoA.2F61 20141003
ByteHero Trojan.Malware.Obscu.Gen.002 20141004
CAT-QuickHeal Trojan.Zbot.AM6 20141004
CMC Trojan.Win32.Krap.2!O 20141004
Cyren W32/Trojan.UWFW-5649 20141004
Emsisoft Gen:Heur.Zygug.5 (B) 20141004
ESET-NOD32 Win32/Dorkbot.B 20141004
F-Prot W32/Trojan2.NWFG 20141004
F-Secure Gen:Heur.Zygug.5 20141004
Fortinet W32/Zbot.AOV!tr 20141004
GData Gen:Heur.Zygug.5 20141004
Ikarus Worm.Win32.Dorkbot 20141004
Jiangmin Backdoor/Androm.sx 20141004
K7AntiVirus EmailWorm ( 0040f4131 ) 20141004
K7GW EmailWorm ( 0040f4131 ) 20141004
Kaspersky HEUR:Trojan.Win32.Generic 20141004
Malwarebytes Trojan.Agent.SZ 20141004
McAfee PWS-Zbot-FBDR!E1B846053528 20141004
McAfee-GW-Edition BehavesLike.Win32.Expiro.cc 20141004
Microsoft Worm:Win32/Dorkbot.I 20141004
eScan Gen:Heur.Zygug.5 20141004
NANO-Antivirus Trojan.Win32.NgrBot.cqilqk 20141004
Norman Dorkbot.GUU 20141004
Panda Trj/Genetic.gen 20141004
Qihoo-360 HEUR/Malware.QVM19.Gen 20141004
Rising PE:Worm.Dorkbot!6.13B7 20141003
Sophos AV Mal/Generic-S 20141004
SUPERAntiSpyware Trojan.Agent/Gen-PWS 20141004
Tencent Virus.Win32.Virut.ue 20141004
TotalDefense Win32/Dorkbot.XNWBOOC 20141001
TrendMicro Possible_DORKBOT 20141004
TrendMicro-HouseCall Possible_DORKBOT 20141004
VBA32 BScope.Trojan.MTA.0661 20141004
VIPRE Trojan.Win32.Zbot.fdm (v) 20141004
Zillya Backdoor.Androm.Win32.1313 20141004
Zoner I-Worm.Dorkbot.B 20140929
AegisLab 20141004
ClamAV 20141004
Comodo 20141004
DrWeb 20141004
Kingsoft 20141004
nProtect 20141002
Symantec 20141004
TheHacker 20141001
ViRobot 20141004
The file being studied is a Portable Executable file! More specifically, it is a DOS EXE file.
FileVersionInfo properties
Publisher Micro Logic, Corp.
Product Cywy
Original name Pid7l4oicc7i.exe
Internal name Itode
File version 2, 7, 1
Description Dut Urigusa Fonovun
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2001-07-19 05:42:42
Entry Point 0x000100FD
Number of sections 7
PE sections
Number of PE resources by type
RT_DIALOG 1
RT_VERSION 1
Number of PE resources by language
ENGLISH AUS 2
PE resources
File identification
MD5 e1b846053528bdb79e0b1f3ba1d79788
SHA1 8aa9213fa4b6132c4c490332eb174d2a974abd7a
SHA256 bbc40cb0a541f8ec9133840007ebffd39f539e3bf795f9d92ef8a56d689b17d5
ssdeep
3072:c+OXbAmDAQ9a/Wi51r+ioIeLEKySOXa2AbyQhpIm9wHLlKCoI:cprru15FdoiBa2A2QL9OfoI

authentihash ed6c6e7c3be9251eefd00b4eea338a97520adc1b073f311b5cd97447ff102040
imphash 191133f725d7d20d56e5eb5b50cdff90
File size 153.0 KB ( 156672 bytes )
File type DOS EXE
Magic literal
MS-DOS executable, MZ for MS-DOS

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags
mz

VirusTotal metadata
First submission 2014-10-04 19:10:25 UTC ( 4 years, 4 months ago )
Last submission 2014-10-04 19:10:25 UTC ( 4 years, 4 months ago )
File names e1b846053528bdb79e0b1f3ba1d79788
Pid7l4oicc7i.exe
Itode
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!