× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: d6eb9a1a5b27e783124c32ba7eefec443db03bd9fb26ad142f080d1b54ca47c4
File name: f30d52b81100279b016c37704aebefea
Detection ratio: 17 / 43
Analysis date: 2012-02-04 16:40:23 UTC ( 6 years, 4 months ago )
Antivirus Result Update
AntiVir TR/Crypt.ZPACK.Gen 20120204
Avast Win32:Malware-gen 20120204
AVG PSW.SpyEye.BT 20120204
BitDefender Gen:Trojan.Heur2.LVP.uqW@aG!S!hfi 20120204
Comodo UnclassifiedMalware 20120203
DrWeb Trojan.PWS.SpySweep.143 20120204
Emsisoft Trojan-PWS.SpyEye!IK 20120204
F-Secure Gen:Trojan.Heur2.LVP.uqW@aG!S!hfi 20120204
Fortinet W32/SpyEye.CA!tr.spy 20120204
GData Gen:Trojan.Heur2.LVP.uqW@aG!S!hfi 20120204
Ikarus Trojan-PWS.SpyEye 20120204
McAfee Generic PWS.y!dvs 20120204
McAfee-GW-Edition Generic PWS.y!dvs 20120203
NOD32 Win32/Spy.SpyEye.CA 20120204
Norman W32/Troj_Generic.NXBK 20120203
VBA32 TrojanSpy.SpyEyes.gen 20120203
VIPRE Trojan.Win32.Generic!BT 20120204
AhnLab-V3 20120203
Antiy-AVL 20120203
ByteHero 20120126
CAT-QuickHeal 20120204
ClamAV 20120204
Commtouch 20120204
eSafe 20120202
eTrust-Vet 20120203
F-Prot 20120201
Jiangmin 20120204
K7AntiVirus 20120203
Kaspersky 20120204
Microsoft 20120204
nProtect 20120204
Panda 20120204
PCTools 20120204
Prevx 20120204
Rising 20120118
Sophos AV 20120204
SUPERAntiSpyware 20120203
Symantec 20120204
TheHacker 20120203
TrendMicro 20120204
TrendMicro-HouseCall 20120204
ViRobot 20120204
VirusBuster 20120203
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Number of sections 4
PE sections
PE imports
GetProcAddress, GetModuleHandleA, MultiByteToWideChar, HeapAlloc, ExitProcess, TerminateProcess, GetCurrentProcess, GetStartupInfoA, GetCommandLineA, GetVersion, HeapDestroy, HeapCreate, VirtualFree, HeapFree, VirtualAlloc, HeapReAlloc, RtlUnwind, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, WriteFile, GetLastError, CloseHandle, GetCPInfo, GetACP, GetOEMCP, LoadLibraryA, SetStdHandle, FlushFileBuffers, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, SetFilePointer
ExifTool file metadata
MIMEType
application/octet-stream

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

TimeStamp
2012:02:01 10:48:02+01:00

FileType
Win32 EXE

PEType
PE32

CodeSize
92160

LinkerVersion
7.1

EntryPoint
0x148ea

InitializedDataSize
244736

SubsystemVersion
4.0

ImageVersion
0.0

OSVersion
4.0

UninitializedDataSize
0

File identification
MD5 f30d52b81100279b016c37704aebefea
SHA1 14e9a8193cac79e3b4f98a21700339684911ff18
SHA256 d6eb9a1a5b27e783124c32ba7eefec443db03bd9fb26ad142f080d1b54ca47c4
ssdeep
6144:l/dw20k/loSHQH/QswOqpjayu5ZflYvraY+VR9/8sXtOW1p1:l/v0k/6SI/Qv3pjs58zaY+K0tfV

File size 330.0 KB ( 337920 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable MS Visual C++ 4.x (69.2%)
Win32 Executable MS Visual C++ (generic) (19.3%)
Win32 Executable Generic (4.3%)
Win32 Dynamic Link Library (generic) (3.8%)
Win16/32 Executable Delphi generic (1.0%)
VirusTotal metadata
First submission 2012-02-01 15:45:06 UTC ( 6 years, 4 months ago )
Last submission 2012-02-04 16:40:23 UTC ( 6 years, 4 months ago )
File names 20120201-041645_0907.exe
f30d52b81100279b016c37704aebefea
3484 01.02.2012 17.51.08.159
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!