SHA256: d38d9f86cc48d84e8d7d1abd6db494996d5c189f1842f522267bf39cfdac09f5
File name: aa
Detection ratio: 35 / 39
Analysis date: 2010-04-06 15:32:47 UTC ( 8 years, 7 months ago )
Antivirus Result Update
a-squared Net-Worm.Win32.Kolab!IK 20100406
AhnLab-V3 Win32/Palevo.worm.237063.I 20100405
AntiVir BDS/Tofsee.23706 20100406
Antiy-AVL Worm/Win32.Palevo.gen 20100406
Avast Win32:Injector-TD 20100406
Avast5 Win32:Injector-TD 20100406
AVG BackDoor.Generic12.AOEC 20100406
BitDefender Backdoor.Generic.284655 20100406
CAT-QuickHeal I-Worm.Palevo.vht 20100406
ClamAV Worm.Palevo-6559 20100406
Comodo TrojWare.Win32.TrojanDropper.Agent.~ACAG 20100406
DrWeb Win32.HLLW.Lime.8 20100406
eSafe Win32.Backdoor.Tofse 20100401
F-Secure Backdoor.Generic.284655 20100406
Fortinet W32/Palevo.VGM!worm.p2p 20100406
GData Backdoor.Generic.284655 20100406
Ikarus Net-Worm.Win32.Kolab 20100406
Jiangmin Worm/Palevo.nnj 20100406
Kaspersky P2P-Worm.Win32.Palevo.vgm 20100406
McAfee-GW-Edition Heuristic.BehavesLike.Win32.CodeInjection.H 20100406
Microsoft VirTool:Win32/CeeInject 20100406
NOD32 Win32/Peerfrag.FD 20100406
nProtect Worm/W32.Palevo.237063.G 20100406
Panda Generic Malware 20100405
PCTools Trojan.Generic 20100406
Prevx High Risk Cloaked Malware 20100406
Rising Trojan.Win32.Generic.51FA6ABC 20100406
Sophos AV Mal/Generic-A 20100406
Sunbelt Trojan.Win32.Generic!BT 20100406
Symantec Trojan Horse 20100406
TheHacker Trojan/Injector.awm 20100406
TrendMicro TROJ_RIMECUD.AZ 20100406
VBA32 BScope.Trojan.Bofa.01 20100405
ViRobot Worm.Win32.P2P-Palevo.212992.C 20100406
VirusBuster Worm.P2P.Palevo.HWB 20100406
Authentium 20100406
eTrust-Vet 20100406
F-Prot 20100405
Norman 20100406
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
GetProcAddress
LoadLibraryA
lstrlenA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
ExitProcess
GetSystemTimeAsFileTime
_except_handler3
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
__security_error_handler
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_controlfp
__3@YAXPAX@Z
atoi
malloc
free
memset
_amsg_exit
wsprintfA
File identification
MD5 eab44f95516271b7aac82816341c3b57
SHA1 c320ecb8a82356cccd72e3319ff19e4a98f156af
SHA256 d38d9f86cc48d84e8d7d1abd6db494996d5c189f1842f522267bf39cfdac09f5
ssdeep
6144:irBgNyXFzUUAzoUc9FlYMXJshByPULoBmCMk:irr9APGTYMXyyPULoBmCD

File size 231.5 KB ( 237063 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-03-02 13:50:40 UTC ( 8 years, 8 months ago )
Last submission 2010-04-06 15:32:47 UTC ( 8 years, 7 months ago )
File names vAIgi.inf
aa
Behaviour characterization