SHA256: dda91c9732b5faf393179fc4ecc9063b4e70ecaa76fa19602424a29ddded7c60
Detection ratio: 41 / 42
Analysis date: 2010-04-01 15:54:49 UTC ( 9 years, 1 month ago )
Antivirus Result Update
a-squared Trojan-Downloader.Win32.Fakeinit!IK 20100401
AntiVir TR/Agent.AN.91 20100401
Antiy-AVL Trojan/Win32.Krap.gen 20100401
Authentium W32/FakeAlert.FB.gen!Eldorado 20100401
Avast Win32:MalOb-AJ 20100331
Avast5 Win32:MalOb-AJ 20100331
AVG SHeur2.CJDV 20100401
BitDefender Trojan.Generic.3216908 20100401
CAT-QuickHeal Win32.Packed.Krap.an.4 20100401
ClamAV Trojan.Agent-144062 20100401
Comodo TrojWare.Win32.TrojanDownloader.FraudLoad.~kts 20100401
DrWeb Trojan.Fakealert.11886 20100401
eSafe Win32.Suspect.B 20100401
eTrust-Vet Win32/FakeAV.CDC 20100401
F-Prot W32/FakeAlert.FB.gen!Eldorado 20100401
F-Secure Trojan:W32/FakeAlert.JQ 20100401
Fortinet W32/Krap.AN!tr 20100401
GData Trojan.Generic.3216908 20100401
Ikarus Trojan-Downloader.Win32.Fakeinit 20100401
Jiangmin Packed.Krap.blfy 20100401
K7AntiVirus Packed.Win32.Krap.an 20100322
Kaspersky Packed.Win32.Krap.an 20100401
McAfee New Malware.kd 20100331
McAfee+Artemis New Malware.kd 20100331
McAfee-GW-Edition Trojan.Agent.AN.91 20100401
Microsoft TrojanDownloader:Win32/Fakeinit 20100331
NOD32 Win32/TrojanDownloader.FakeAlert.AED 20100401
Norman W32/Fakeinit.K 20100331
nProtect Trojan/W32.Bredolab.38912 20100401
Panda Adware/ISecurity2010 20100401
PCTools RogueAntiSpyware.Generic 20100401
Prevx High Risk Cloaked Malware 20100401
Rising Trojan.Win32.Generic.51F8C618 20100401
Sophos AV Mal/FakeAV-BW 20100401
Sunbelt Trojan.Win32.Generic!SB.0 20100401
Symantec Downloader.MisleadApp 20100401
TheHacker Trojan/Spy.Krap.an 20100331
TrendMicro TROJ_FAKEAL.SMDP 20100401
VBA32 BScope.Trojan.MTA.0131 20100401
ViRobot Trojan.Win32.Krap.38912.G 20100401
VirusBuster Trojan.Codecpack.Gen 20100401
AhnLab-V3 20100331
The file being studied is a Portable Executable file. More specifically, it is an unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
RegOpenKeyW
RevertToSelf
ReportEventW
RegEnumValueA
RegQueryInfoKeyW
OpenServiceA
GetAclInformation
GetSidIdentifierAuthority
IsValidSid
RegEnumKeyExW
InitializeSecurityDescriptor
IsTextUnicode
OpenProcessToken
RegEnumKeyA
RegDeleteValueA
CryptGenRandom
RegEnumValueW
CryptHashData
RegQueryInfoKeyA
RegisterTraceGuidsW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
LockServiceDatabase
LsaOpenPolicy
RegCreateKeyW
RegQueryValueExA
RegOpenKeyA
AddAccessAllowedAce
OpenSCManagerW
RegEnumKeyExA
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
ImageList_Create
InitCommonControls
FindNextFileW
lstrlenA
CreateDirectoryA
HeapAlloc
HeapDestroy
GetVersion
GetStartupInfoA
ExitProcess
CreateEventW
GetEnvironmentStringsW
GetACP
lstrcatW
GetDriveTypeW
GetCurrentThreadId
GetCurrentProcessId
GetProcAddress
IsBadCodePtr
FindFirstFileW
GetFileAttributesA
GetProcessHeap
GetTempPathA
HeapSize
CreateFileMappingA
WriteConsoleW
lstrcmpW
FileTimeToLocalFileTime
VirtualAlloc
ResumeThread
GetCurrentProcess
SetEvent
GetLocaleInfoW
WideCharToMultiByte
GetStdHandle
GlobalAlloc
_isatty
wcscpy
_strnicmp
_errno
wcspbrk
strlen
towupper
_unlock
_wcsupr
__getmainargs
wcslen
fwrite
__wgetmainargs
__set_app_type
_wcsnicmp
_exit
__CxxFrameHandler
rand
calloc
NtCreateEvent
RtlIntegerToUnicodeString
NtOpenThread
RtlDestroyEnvironment
NtQuerySystemInformation
NtQueryObject
NtSetInformationProcess
RtlAddAce
RtlTimeFieldsToTime
RtlCreateUserThread
VerSetConditionMask
NtOpenDirectoryObject
wcstoul
NtQueryKey
NtQuerySymbolicLinkObject
CLSIDFromProgID
ReadFmtUserTypeStg
OleInitialize
StgCreateDocfile
CoInitialize
CoCreateInstance
StringFromCLSID
CoInitializeEx
StringFromIID
StgOpenStorage
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CoRevertToSelf
WriteClassStm
CLSIDFromString
CoReleaseMarshalData
CoTaskMemRealloc
OleRegGetMiscStatus
CoSetProxyBlanket
CoGetClassObject
StgIsStorageFile
CoImpersonateClient
CoGetObjectContext
File identification
MD5 6575b61bd98071ac56c9dcc79a439a83
SHA1 08f7d8d5bbe706e7044e758534ad4db2daa07ae9
SHA256 dda91c9732b5faf393179fc4ecc9063b4e70ecaa76fa19602424a29ddded7c60
ssdeep 768:Qpd/ZZXofpFS9hbgcBGzHBUGvTx9BTa41lfASMXPBqczr:ud/bXSvSXrcCGrx9BTa41lfIzr
File size 38.0 KB ( 38912 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
VirusTotal metadata
First submission 2010-02-01 21:50:39 UTC ( 9 years, 3 months ago )
Last submission 2010-04-01 15:54:49 UTC ( 9 years, 1 month ago )