× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cf3b09d20a8475f0e29313597f486ad36f7c5811db2c6d6b238279556184b6a6
File name: cf3b09d20a8475f0e29313597f486ad36f7c5811db2c6d6b238279556184b6a6
Detection ratio: 42 / 56
Analysis date: 2015-04-13 16:46:21 UTC ( 4 years ago )
Antivirus Result Update
Ad-Aware Trojan.AutoIT.Injector.AN 20150413
Yandex Trojan.ZBoter.Gen.VA 20150413
AhnLab-V3 Trojan/Win32.Zbot 20150413
ALYac Trojan.AutoIT.Injector.AN 20150413
Antiy-AVL Trojan[:HEUR]/Win32.AGeneric 20150413
Avast Win32:GenMalicious-HMV [Trj] 20150413
AVG Zbot.KXP 20150413
AVware Trojan-PWS.Win32.Zbot.aac (v) 20150413
BitDefender Trojan.AutoIT.Injector.AN 20150413
CAT-QuickHeal TrojanPWS.Zbot.Y3 20150413
ClamAV Trojan.Spy.Zbot-142 20150413
Comodo TrojWare.Win32.Kazy.MKD 20150413
Cyren W32/Zbot.BZ.gen!Eldorado 20150413
DrWeb Trojan.Proxy.27230 20150413
Emsisoft Trojan.AutoIT.Injector.AN (B) 20150413
ESET-NOD32 Win32/Spy.Zbot.AAQ 20150413
F-Prot W32/Zbot.BZ.gen!Eldorado 20150413
F-Secure Trojan-Spy:W32/Zbot.AVTH 20150413
Fortinet W32/Zbot.AT!tr 20150413
GData Trojan.AutoIT.Injector.AN 20150413
Ikarus Trojan-Spy.Zbot 20150413
Jiangmin TrojanSpy.Zbot.hfms 20150412
K7AntiVirus Spyware ( 002891031 ) 20150413
K7GW Spyware ( 002891031 ) 20150413
Kaspersky Trojan-Spy.Win32.Zbot.ujst 20150413
Malwarebytes Spyware.Zbot 20150413
McAfee PWS-Zbot.gen.ds 20150413
McAfee-GW-Edition PWS-Zbot.gen.ds 20150413
Microsoft PWS:Win32/Zbot.gen!ZA 20150413
eScan Trojan.AutoIT.Injector.AN 20150413
NANO-Antivirus Trojan.Win32.Panda.cswodz 20150413
Norman ZBot.VAL 20150413
nProtect Trojan.AutoIT.Injector.AN 20150413
Rising PE:Stealer.Zbot!1.648A 20150413
Sophos AV Mal/Generic-S 20150413
Tencent Trojan.Win32.Zbot.aaw 20150413
TheHacker Trojan/Spy.Zbot.aaq 20150413
TotalDefense Win32/Zbot.CXZ 20150413
TrendMicro TSPY_ZBOT.SMIG 20150413
TrendMicro-HouseCall TSPY_ZBOT.SMIG 20150413
VIPRE Trojan-PWS.Win32.Zbot.aac (v) 20150413
ViRobot Trojan.Win32.Zbot.141312.L[h] 20150413
AegisLab 20150413
Alibaba 20150413
Baidu-International 20150413
Bkav 20150413
ByteHero 20150413
CMC 20150413
Kingsoft 20150413
Panda 20150413
Qihoo-360 20150413
SUPERAntiSpyware 20150412
Symantec 20150413
VBA32 20150412
Zillya 20150413
Zoner 20150413
The file being studied is a Portable Executable file! More specifically, it is a DOS EXE file.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2013-12-19 00:10:29
Entry Point 0x00013048
Number of sections 3
PE sections
File identification
MD5 36c09a6eec64fa4a15bdd142b3989772
SHA1 f819c8aa2a8447b497bbe4e57ba88758531d15b5
SHA256 cf3b09d20a8475f0e29313597f486ad36f7c5811db2c6d6b238279556184b6a6
ssdeep
1536:CVHTJpx50VDJqQd2HLClq8x8L5/fCJm+iyCxBwWe2VtIPA12z/:KTHx50VJqtHGbu5XCniylWrtGA1G/

authentihash 9f91f6f88a763345febeb451bdc1b2e68a9fdd5e9431e1d9f10d3915d5528a08
File size 80.9 KB ( 82866 bytes )
File type DOS EXE
Magic literal
MS-DOS executable

TrID Win32 Executable (generic) (42.4%)
DOS Executable Borland Pascal 7.0x (19.1%)
Generic Win/DOS Executable (18.8%)
DOS Executable Generic (18.8%)
VXD Driver (0.2%)
Tags
corrupt mz

VirusTotal metadata
First submission 2015-04-13 16:46:21 UTC ( 4 years ago )
Last submission 2015-04-13 16:46:21 UTC ( 4 years ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!