× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: dcad018119ba529b967e91a36cde9ad22f70a40e6f33618fe7b6ebceaec464e7
File name: iDuel.exe
Detection ratio: 16 / 43
Analysis date: 2012-01-14 08:26:04 UTC ( 7 years ago ) View latest
Antivirus Result Update
AVG Suspicion: unknown virus 20120113
BitDefender Gen:Trojan.Heur.VP2.nieda0@hXTeb 20120114
CAT-QuickHeal (Suspicious) - DNAScan 20120114
ClamAV PUA.Packed.FSG 20120114
Commtouch W32/Heuristic-210!Eldorado 20120114
F-Prot W32/Heuristic-210!Eldorado 20120113
F-Secure Gen:Trojan.Heur.VP2.nieda0@hXTeb 20120114
GData Gen:Trojan.Heur.VP2.nieda0@hXTeb 20120114
K7AntiVirus Riskware 20120113
McAfee-GW-Edition Heuristic.LooksLike.Win32.SuspiciousPE.C 20120113
Norman Suspicious_F.gen.E 20120113
Sophos AV Mal/Packer 20120114
SUPERAntiSpyware Trojan.Agent/Gen-FSG 20120114
TrendMicro PAK_Generic.002 20120114
TrendMicro-HouseCall PAK_Generic.002 20120114
VirusBuster Packed/FSG 20120113
AhnLab-V3 20120113
AntiVir 20120113
Antiy-AVL 20120114
Avast 20120113
ByteHero 20120111
Comodo 20120114
DrWeb 20120114
Emsisoft 20120114
eSafe 20120111
eTrust-Vet 20120113
Fortinet 20120114
Ikarus 20120114
Jiangmin 20120113
Kaspersky 20120114
McAfee 20120114
Microsoft 20120114
NOD32 20120114
nProtect 20120114
Panda 20120113
PCTools 20120114
Prevx 20120114
Rising 20120113
Symantec 20120114
TheHacker 20120113
VBA32 20120113
VIPRE 20120114
ViRobot 20120114
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
FileVersionInfo properties
Copyright
Copyright (c) 2009 iDuel Team

Product iDuel
Original name iDuel.exe
Internal name iDuel
File version 0.02.0002
Description iDuel - Enjoy Duel
Comments This is a freeware, use is subject to license terms
Packers identified
Command FSG
F-PROT FSG
PEiD FSG v2.0 -> bart/xt
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1987-09-11 01:35:02
Entry Point 0x00000154
Number of sections 2
PE sections
PE imports
LoadLibraryA
GetProcAddress
Number of PE resources by type
BIN 1
RT_ICON 1
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 2
CHINESE SIMPLIFIED 2
PE resources
Compressed bundles
File identification
MD5 afa635f3a4165d71d008334ce50b403e
SHA1 9cb9fbf99bf65bb6a724cb49fdba50b16f691a28
SHA256 dcad018119ba529b967e91a36cde9ad22f70a40e6f33618fe7b6ebceaec464e7
ssdeep
6144:AgQI96r9gHWX/UM9mm/fLbf/4Ep4+Z4tN/d:AgQpgHnMHfLj4eZ4vd

authentihash 1d142f761c03022dc774ea5fe090573058e66ce919cc37f3a55e6638f69e59ad
imphash 87bed5a7cba00c7e1f4015f1bdae2183
File size 221.6 KB ( 226961 bytes )
File type Win32 EXE
Magic literal
MS-DOS executable, PE for MS Windows (GUI) Intel 80386 32-bit

TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags
peexe fsg

VirusTotal metadata
First submission 2012-01-14 08:26:04 UTC ( 7 years ago )
Last submission 2013-10-05 16:40:41 UTC ( 5 years, 3 months ago )
File names AFA635F3A4165D71D008334CE50B403E
61oG36xlPT.ocx
PYnYZpVz.gif
iDuel.exe
iDuel.exe
AFA635F3A4165D71D008334CE50B403E_DCAD018119BA529B967E91A36CDE9AD22F70A40E6F33618FE7B6EBCEAEC464E7.bin
iDuel.exe
iDuel
Advanced heuristic and reputation engines
ClamAV
Possibly Unwanted Application. While not necessarily malicious, the scanned file presents certain characteristics which depending on the user policies and environment may or may not represent a threat. For full details see: https://www.clamav.net/documents/potentially-unwanted-applications-pua .

No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!