× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bc8f72c251c22932808d5b32820e13a666921fb99f872afca1d70dbd1b93672b
File name: aa
Detection ratio: 32 / 41
Analysis date: 2010-05-30 22:40:49 UTC ( 8 years, 7 months ago )
Antivirus Result Update
a-squared Trojan-Clicker.Win32.Refpron!IK 20100510
AhnLab-V3 Win-Trojan/Refpron.36864.LT 20100529
AntiVir TR/Click.Refpron.TI 20100530
Authentium W32/Refpron.H.gen!Eldorado 20100529
Avast Win32:Refpron-BA 20100530
Avast5 Win32:Refpron-BA 20100530
AVG Clicker.AIYH 20100530
BitDefender Gen:Trojan.VB.Refpron.1 20100530
DrWeb Trojan.Click.63227 20100530
eSafe Win32.GenVB.Refpron 20100530
eTrust-Vet Win32/Refpron.PS 20100529
F-Prot W32/Refpron.H.gen!Eldorado 20100529
F-Secure Gen:Trojan.VB.Refpron.1 20100530
Fortinet Adware/VB 20100530
GData Gen:Trojan.VB.Refpron.1 20100530
Ikarus Trojan-Clicker.Win32.Refpron 20100530
Jiangmin TrojanClicker.Refpron.na 20100530
Kaspersky Trojan-Clicker.Win32.Refpron.ti 20100530
McAfee AdClicker-IJ.gen 20100530
McAfee-GW-Edition Heuristic.LooksLike.Trojan.Click.Refpron.I 20100530
Microsoft TrojanClicker:Win32/Refpron.H 20100530
NOD32 a variant of Win32/TrojanClicker.VB.NOT 20100530
Norman W32/Clicker.A 20100530
nProtect Gen:Trojan.VB.Refpron.1 20100530
Panda Generic Trojan 20100530
PCTools Trojan-Clicker.Refpron 20100530
Prevx Medium Risk Malware 20100530
Rising Trojan.Win32.Generic.5205FB98 20100530
Sophos AV Sus/VB-BK 20100530
Sunbelt Trojan.Win32.Generic!BT 20100530
Symantec Trojan.Gen 20100530
VBA32 Trojan-Clicker.Win32.Refpron.ti 20100529
Antiy-AVL 20100526
CAT-QuickHeal 20100529
ClamAV 20100530
Comodo 20100530
TheHacker 20100530
TrendMicro 20100530
TrendMicro-HouseCall 20100530
ViRobot 20100528
VirusBuster 20100530
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Publisher pqsdjpktkqmtutc
Product tdaiuoaibovrxugmrys
Original name diyfkv.exe
Internal name diyfkv
File version 6.02.0007
PE header basic information
Number of sections 3
PE sections
PE imports
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
16 more function(s) imported by ordinal)
File identification
MD5 4b37ad16e61e6d9b714586d2f26857d1
SHA1 a00532e1c50fc4a04bf0e03e3a130c1e691159ae
SHA256 bc8f72c251c22932808d5b32820e13a666921fb99f872afca1d70dbd1b93672b
ssdeep
768:99z06KFNGWp6QH/5d06TAfVZeh7Y79PQ:v1KRfhc54

File size 36.0 KB ( 36864 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-05-21 23:33:00 UTC ( 8 years, 8 months ago )
Last submission 2010-05-30 22:40:49 UTC ( 8 years, 7 months ago )
File names oUWN.drv
aa
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!