× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bc8d4a0c7859af7a180014a6c42bd26aecc4aaead08495fd0a545e2218cf435e
File name: 03430996FA9FB7C80C0A1898DA8E80D2
Detection ratio: 38 / 55
Analysis date: 2014-09-10 16:20:15 UTC ( 4 years, 2 months ago )
Antivirus Result Update
Ad-Aware Gen:Trojan.Zboter.1 20140910
AhnLab-V3 Spyware/Win32.Zbot 20140910
Antiy-AVL Trojan[Spy]/Win32.Zbot 20140910
Avast Win32:Dropper-NSZ [Trj] 20140910
AVG PSW.Generic12.AEYC 20140910
AVware Trojan.Win32.Zbot.ywb (v) 20140910
BitDefender Gen:Trojan.Zboter.1 20140910
Bkav HW32.Paked.77EC 20140910
CAT-QuickHeal TrojanPWS.Zbot.AP4 20140910
Comodo TrojWare.Win32.Injector.AYTP 20140910
DrWeb Trojan.Winlock.9017 20140910
Emsisoft Gen:Trojan.Zboter.1 (B) 20140910
ESET-NOD32 a variant of Win32/Injector.AZMH 20140910
F-Secure Gen:Trojan.Zboter.1 20140910
Fortinet W32/Kryptik.WIF!tr 20140910
GData Gen:Trojan.Zboter.1 20140910
Ikarus Trojan-Downloader.Win32.Upatre 20140910
Jiangmin TrojanSpy.Zbot.hbvq 20140909
K7AntiVirus Unwanted-Program ( 004a8e8a1 ) 20140910
K7GW Unwanted-Program ( 004a8e8a1 ) 20140910
Kaspersky HEUR:Trojan.Win32.Generic 20140910
Kingsoft Win32.Troj.Zbot.rr.(kcloud) 20140910
Malwarebytes Trojan.Zbot.FKE 20140910
McAfee Downloader-FYH!03430996FA9F 20140910
McAfee-GW-Edition BehavesLike.Win32.Downloader.dc 20140910
Microsoft TrojanDownloader:Win32/Recslurp.B 20140910
eScan Gen:Trojan.Zboter.1 20140910
NANO-Antivirus Trojan.Win32.Zbot.cufbge 20140910
Norman ZBot.RXLD 20140910
nProtect Trojan-Spy/W32.ZBot.295784 20140910
Panda Trj/Genetic.gen 20140910
Qihoo-360 Malware.QVM20.Gen 20140910
Sophos AV Mal/Zbot-OA 20140910
Symantec Trojan.Zbot 20140910
TheHacker Trojan/Injector.azmh 20140908
VIPRE Trojan.Win32.Zbot.ywb (v) 20140910
Zillya Trojan.Zbot.Win32.152049 20140910
Zoner Trojan.Injector.AZMH 20140910
AegisLab 20140910
Yandex 20140910
Avira (no cloud) 20140910
Baidu-International 20140910
ByteHero 20140910
ClamAV 20140910
CMC 20140908
Cyren 20140910
F-Prot 20140910
Rising 20140910
SUPERAntiSpyware 20140910
Tencent 20140910
TotalDefense 20140910
TrendMicro 20140910
TrendMicro-HouseCall 20140910
VBA32 20140910
ViRobot 20140910
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2014-03-01 17:05:21
Entry Point 0x00006182
Number of sections 4
PE sections
Number of PE resources by type
RT_DIALOG 3
RT_STRING 1
Number of PE resources by language
CHINESE SIMPLIFIED 4
PE resources
File identification
MD5 03430996fa9fb7c80c0a1898da8e80d2
SHA1 75c10da78634e7f007ed5e34c9a3d71823a62aaf
SHA256 bc8d4a0c7859af7a180014a6c42bd26aecc4aaead08495fd0a545e2218cf435e
ssdeep
6144:qf2BPxQn96vWPcZ618o9tXemikuaCbvHAica3hA4+xgOMYCQvB+HoXcUCESz:7C0ekZ619i7kxCjAicKMgACQvUovc

imphash 910b50472af191ff6e4a4de2a5d18c08
File size 288.9 KB ( 295784 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (64.6%)
Win32 Dynamic Link Library (generic) (15.3%)
Win32 Executable (generic) (10.5%)
Generic Win/DOS Executable (4.6%)
DOS Executable Generic (4.6%)
Tags
peexe

VirusTotal metadata
First submission 2014-09-10 16:20:15 UTC ( 4 years, 2 months ago )
Last submission 2014-09-10 16:20:15 UTC ( 4 years, 2 months ago )
File names 03430996FA9FB7C80C0A1898DA8E80D2
bc8d4a0c7859af7a180014a6c42bd26aecc4aaead08495fd0a545e2218cf435e.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!