× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cf217fc72a4952173caadcf938e67adffed3e26b7c545dfe0c0bd8549421cc4b
File name: aeft.pif.vir
Detection ratio: 20 / 42
Analysis date: 2012-08-24 22:21:03 UTC ( 5 years, 1 month ago )
Antivirus Result Update
AntiVir TR/Dropper.Gen 20120824
Avast Win32:StubOfSality [Trj] 20120824
BitDefender Trojan.SalityStub.A 20120824
ByteHero Virus.Win32.Heur.c 20120814
CAT-QuickHeal (Suspicious) - DNAScan 20120824
Commtouch W32/Sality.C.gen!Eldorado 20120824
Comodo Win32.Kashu.RA 20120825
F-Prot W32/Sality.C.gen!Eldorado 20120824
F-Secure Trojan.SalityStub.A 20120824
Fortinet W32/LPECrypt.A!tr 20120824
GData Trojan.SalityStub.A 20120824
Jiangmin Trojan/Inject.lyc 20120824
K7AntiVirus Trojan 20120824
McAfee W32/Sality.dr 20120824
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.J!89 20120824
Norman W32/Sality.dam 20120824
nProtect Trojan.SalityStub.A 20120824
Rising Suspicious 20120824
Sophos AV Mal/EncPk-XA 20120824
ViRobot Trojan.Win32.Sality.103140 20120824
AhnLab-V3 20120824
Antiy-AVL 20120824
AVG 20120825
ClamAV 20120824
DrWeb 20120825
Emsisoft 20120824
eSafe 20120823
ESET-NOD32 20120824
Ikarus 20120824
Kaspersky 20120824
Microsoft 20120824
Panda 20120824
PCTools 20120824
SUPERAntiSpyware 20120824
Symantec 20120824
TheHacker 20120824
TotalDefense 20120824
TrendMicro 20120824
TrendMicro-HouseCall 20120824
VBA32 20120824
VIPRE 20120824
VirusBuster 20120824
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-02-10 13:15:37
Entry Point 0x00001040
Number of sections 1
PE sections
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2002:02:10 05:15:37-08:00

FileType
Win32 EXE

PEType
PE32

CodeSize
512

LinkerVersion
6.0

EntryPoint
0x1040

InitializedDataSize
0

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 3c903788d5438c82f349e679c6a6893f
SHA1 512e44186ef7126314e047090b37996f7b5e742c
SHA256 cf217fc72a4952173caadcf938e67adffed3e26b7c545dfe0c0bd8549421cc4b
ssdeep
768:n3Dc+oENivkjknFYkas5Gz2sAU0znjQVsxWl:TUXkonFYmofAjv

File size 28.7 KB ( 29412 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID DOS Executable Generic (100.0%)
Tags
peexe

VirusTotal metadata
First submission 2012-08-24 22:21:03 UTC ( 5 years, 1 month ago )
Last submission 2012-08-24 22:21:03 UTC ( 5 years, 1 month ago )
File names aeft.pif.vir
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!