× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cf4ccafafc0ea9d9c633ef2bbc5fb085864acd032823351218e6accbdf5776b8
File name: QuAq.sys
Detection ratio: 18 / 43
Analysis date: 2010-10-10 18:06:17 UTC ( 7 years, 3 months ago )
Antivirus Result Update
AntiVir TR/Crypt.XPACK.Gen3 20101008
Avast Win32:Ufraie 20101010
Avast5 Win32:Ufraie 20101010
AVG SHeur3.BEBH 20101010
BitDefender Gen:Variant.Kazy.1473 20101010
Comodo Win32.PkdKrap.AS 20101010
F-Secure Gen:Variant.Kazy.1473 20101010
Fortinet W32/MultiDL.C!tr.dldr 20101010
GData Gen:Variant.Kazy.1473 20101010
Kaspersky Packed.Win32.Katusha.o 20101010
McAfee Artemis!A170A2A6AEF2 20101010
McAfee-GW-Edition Artemis!A170A2A6AEF2 20101010
nProtect Gen:Variant.Kazy.1473 20101010
Panda Trj/CI.A 20101010
PCTools Trojan.FakeAV 20101010
Sophos AV Mal/Katusha-A 20101009
Sunbelt Trojan.Win32.Bredolab.Gen.pac (v) 20101010
Symantec Trojan.FakeAV!gen32 20101010
AhnLab-V3 20101009
Antiy-AVL 20101010
Authentium 20101010
CAT-QuickHeal 20101009
ClamAV 20101010
DrWeb 20101010
Emsisoft 20101010
eSafe 20101007
eTrust-Vet 20101008
F-Prot 20101009
Ikarus 20101010
Jiangmin 20101010
K7AntiVirus 20101009
Microsoft 20101010
NOD32 20101009
Norman 20101010
Prevx 20101010
Rising 20101009
SUPERAntiSpyware 20101010
TheHacker 20101010
TrendMicro 20101010
TrendMicro-HouseCall 20101010
VBA32 20101008
ViRobot 20101010
VirusBuster 20101010
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 5
PE sections
PE imports
ChangeServiceConfig2A
CloseServiceHandle
EqualSid
LookupPrivilegeValueA
OpenProcessToken
QueryServiceStatus
RegEnumValueA
UnlockServiceDatabase
AddAtomA
CloseHandle
CreateEventA
CreateFileMappingA
CreateThread
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FindFirstFileA
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetCPInfo
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeProcess
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetTempPathA
GetThreadTimes
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalHandle
GlobalUnlock
HeapCreate
HeapDestroy
HeapFree
InterlockedCompareExchange
InterlockedIncrement
IsBadCodePtr
IsValidCodePage
LoadLibraryExA
LocalFree
MapViewOfFile
Module32Next
MulDiv
QueryPerformanceCounter
ReadFile
ReadProcessMemory
RemoveDirectoryA
SetEnvironmentVariableA
SetFileAttributesA
SetFilePointer
SetLastError
SetPriorityClass
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
TlsSetValue
UnhandledExceptionFilter
VirtualQuery
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrlenA
CLSIDFromProgID
CoMarshalInterThreadInterfaceInStream
CoRevokeClassObject
CoTaskMemRealloc
OleUninitialize
CheckDlgButton
CreateDialogParamA
DispatchMessageA
EndPaint
ExitWindowsEx
FillRect
FindWindowA
GetCapture
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetMenuItemCount
GetMessageA
GetParent
IsWindowVisible
LoadBitmapA
LoadImageA
MessageBoxA
PostMessageA
PostQuitMessage
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemInt
SetDlgItemTextA
SetWindowTextA
SystemParametersInfoA
TranslateMessage
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
File identification
MD5 a170a2a6aef228593566d18782e027ca
SHA1 abfa0fe894634ac6d748c8dab3fb8f69a405b8dd
SHA256 cf4ccafafc0ea9d9c633ef2bbc5fb085864acd032823351218e6accbdf5776b8
ssdeep
49152:daqUuJ7DQq6b53It1rEXVqzhIegSLwY3zUmmiAArxheU+MJZHM:AuJPQn53IbEXVoK8LrzUmmiAArzeqZ

File size 2.7 MB ( 2779136 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (58.2%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.6%)
DOS Executable Generic (13.6%)
VXD Driver (0.2%)
VirusTotal metadata
First submission 2010-10-10 15:08:38 UTC ( 7 years, 3 months ago )
Last submission 2010-10-10 18:06:17 UTC ( 7 years, 3 months ago )
File names QuAq.sys
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!