× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: bd1a51bdd15db3f0c10df4b78b0371ed097e6b225b0cf6af85261699a8af7c71
File name: ad6b4011f9e72de0c6794176482f9399
Detection ratio: 8 / 41
Analysis date: 2011-11-18 05:51:44 UTC ( 2 years, 5 months ago ) View latest
Antivirus Result Update
AVG Suspicion: unknown virus 20111116
Antiy-AVL Trojan/Win32.Zbot.gen 20111116
Commtouch W32/Damaged_File.gen!Eldorado 20111116
Comodo Heur.Corrupt.PE 20111114
DrWeb BackDoor.Qbot.75 20111116
F-Prot W32/Damaged_File.gen!Eldorado 20111116
McAfee-GW-Edition Heuristic.BehavesLike.Win32.ModifiedUPX.C 20111116
TheHacker W32/Behav-Heuristic-CorruptFile-EP 20111116
AhnLab-V3 20111116
AntiVir 20111116
Avast 20111116
BitDefender 20111116
ByteHero 20111114
ClamAV 20111116
Emsisoft 20111116
F-Secure 20111116
Fortinet 20111116
GData 20111116
Ikarus 20111116
Jiangmin 20111116
K7AntiVirus 20111116
Kaspersky 20111116
McAfee 20111116
Microsoft 20111116
NOD32 20111116
Norman 20111116
PCTools 20111116
Prevx 20111118
Rising 20111116
SUPERAntiSpyware 20111116
Sophos 20111116
Symantec 20111116
TrendMicro 20111116
TrendMicro-HouseCall 20111116
VBA32 20111115
VIPRE 20111116
ViRobot 20111116
VirusBuster 20111116
eSafe 20111116
eTrust-Vet 20111116
nProtect 20111116
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-07-17 17:07:17
Entry Point 0x0003A180
Number of sections 3
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2011:07:17 19:07:17+02:00

FileType
Win32 EXE

PEType
PE32

CodeSize
176128

LinkerVersion
6.2

Warning
Error processing PE data dictionary

EntryPoint
0x3a180

InitializedDataSize
8192

SubsystemVersion
4.0

ImageVersion
8.3

OSVersion
6.4

UninitializedDataSize
61440

File identification
MD5 ad6b4011f9e72de0c6794176482f9399
SHA1 164c72f1d80cba4054cd80bb92bc77b20105181b
SHA256 bd1a51bdd15db3f0c10df4b78b0371ed097e6b225b0cf6af85261699a8af7c71
ssdeep
1536:aQqVTIQqhsJaX/FkPW5oj0Rq7hQCV0JyCXR6mKRVv:aQqVTIQavFoKBRm+CVwomqv

File size 79.7 KB ( 81654 bytes )
File type Win32 EXE
Magic literal

TrID Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
VirusTotal metadata
First submission 2011-11-18 05:51:44 UTC ( 2 years, 5 months ago )
Last submission 2011-12-16 15:45:07 UTC ( 2 years, 4 months ago )
File names ad6b4011f9e72de0c6794176482f9399
AD6B4011F9E72DE0C6794176482F9399
zeusbin_ad6b4011f9e72de0c6794176482f9399.exe
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!