× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d0dd01c9b579a72383dcea1a08027a157558feeb467dfdb2f92d0fcc7abd0ece
File name: aa
Detection ratio: 23 / 40
Analysis date: 2010-04-16 15:39:32 UTC ( 7 years, 7 months ago )
Antivirus Result Update
a-squared Trojan-Banker.Win32.Banker!IK 20100416
AntiVir TR/Crypt.CFI.Gen 20100416
Authentium W32/Banload.E.gen!Eldorado 20100416
AVG Generic17.BAFJ 20100416
BitDefender Generic.Banker.Delf.5B91DC32 20100416
DrWeb DLOADER.Trojan 20100416
eSafe Win32.TRCrypt.Cfi 20100415
eTrust-Vet Win32/FakeIE_i 20100416
F-Prot W32/Banload.E.gen!Eldorado 20100416
F-Secure Generic.Banker.Delf.5B91DC32 20100416
Fortinet W32/Banspy.K 20100416
GData Generic.Banker.Delf.5B91DC32 20100416
Ikarus Trojan-Banker.Win32.Banker 20100416
McAfee-GW-Edition Trojan.Crypt.CFI.Gen 20100416
Microsoft TrojanSpy:Win32/Banker.USY 20100416
NOD32 probably a variant of Win32/Genetik 20100416
Norman W32/Obfuscated.F!genr 20100416
nProtect Generic.Banker.Delf.5B91DC32 20100416
Panda Trj/CI.A 20100415
PCTools HeurEngine.Bancos 20100416
Sophos AV Mal/Banspy-K 20100416
Sunbelt Trojan.Win32.Generic!BT 20100416
Symantec Bloodhound.Bancos.1 20100416
AhnLab-V3 20100416
Antiy-AVL 20100416
Avast 20100416
Avast5 20100416
CAT-QuickHeal 20100416
ClamAV 20100416
Comodo 20100416
Jiangmin 20100416
Kaspersky 20100416
McAfee 20100416
Prevx 20100416
Rising 20100416
TheHacker 20100415
TrendMicro 20100415
VBA32 20100415
ViRobot 20100416
VirusBuster 20100416
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
RegFlushKey
ImageList_Add
SaveDC
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
OleDraw
VariantCopy
ShellExecuteA
URLDownloadToFileA
VerQueryValueA
InternetOpenA
File identification
MD5 0162b8ccdf0df0d02d63d17d8e54860e
SHA1 f36f3364374068691039e0f536efec1ea2833849
SHA256 d0dd01c9b579a72383dcea1a08027a157558feeb467dfdb2f92d0fcc7abd0ece
ssdeep
98304:Pawp7PbAlNipJtIkqMTu9rqTDheddSMlVy+ikQLyZUSyvXKcMF:PaaDAlNetrqyor/3sLy+

File size 3.1 MB ( 3291648 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
VirusTotal metadata
First submission 2010-04-15 07:12:34 UTC ( 7 years, 7 months ago )
Last submission 2010-04-16 15:39:32 UTC ( 7 years, 7 months ago )
File names 5TAquU2m.inf
LudYmcQFP.cpl
aa
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!