× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: df0195517904bbb108eda1759722459e7c173cd7960e31d6cd33dfad59a6af64
File name: aa
Detection ratio: 26 / 41
Analysis date: 2010-05-15 17:31:56 UTC ( 8 years, 8 months ago )
Antivirus Result Update
a-squared Win32.SuspectCrc!IK 20100510
AhnLab-V3 Packed/Win32.PECompact 20100514
AntiVir TR/Dldr.50webs.A 20100514
Authentium W32/SysVenFak.A.gen!Eldorado 20100514
Avast Win32:Malware-gen 20100515
Avast5 Win32:Malware-gen 20100515
AVG PSW.Banker5.AWZU 20100515
BitDefender DeepScan:Generic.Banker.OT.7FCE0884 20100515
Comodo Heur.Suspicious 20100515
F-Prot W32/SysVenFak.A.gen!Eldorado 20100515
F-Secure DeepScan:Generic.Banker.OT.7FCE0884 20100515
GData DeepScan:Generic.Banker.OT.7FCE0884 20100515
Ikarus Win32.SuspectCrc 20100515
Kaspersky Packed.Win32.PECompact 20100515
McAfee Suspect-02!DE641BDA42E1 20100515
McAfee-GW-Edition Artemis!DE641BDA42E1 20100515
Microsoft TrojanSpy:Win32/Bancos.DV 20100514
NOD32 Win32/Spy.Banker.TOP 20100515
Norman W32/Suspicious.C4!genr 20100515
Panda Trj/CI.A 20100515
PCTools Spyware.Keylogger 20100515
Sophos AV Sus/Behav-1021 20100515
Sunbelt Trojan.Win32.Generic.pak!cobra 20100515
Symantec Spyware.Keylogger 20100515
VBA32 Trojan-Banker.Win32.Banbra.vhj 20100514
ViRobot Spyware.Keylogger.1854464 20100515
Antiy-AVL 20100514
CAT-QuickHeal 20100515
ClamAV 20100515
DrWeb 20100515
eSafe 20100513
eTrust-Vet 20100515
Fortinet 20100515
Jiangmin 20100515
nProtect 20100515
Prevx 20100515
Rising 20100514
TheHacker 20100514
TrendMicro 20100515
TrendMicro-HouseCall 20100515
VirusBuster 20100515
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Publisher Microsoft Corporation
Product Microsoft_ Windows_ Operating System
File version 1.0.0.1
PE header basic information
Number of sections 2
PE sections
PE imports
RegQueryValueExA
_TrackMouseEvent
GetOpenFileNameA
UnrealizeObject
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
GradientFill
CreateStreamOnHGlobal
SysFreeString
ExtractIconA
CoInternetCreateZoneManager
GetKeyboardType
VerQueryValueA
InternetSetOptionA
File identification
MD5 de641bda42e11ce5a81667a324203411
SHA1 e2b4141e71c2eb2a8d11baf4a95cf57603428d3f
SHA256 df0195517904bbb108eda1759722459e7c173cd7960e31d6cd33dfad59a6af64
ssdeep
24576:1S9oVPXb3oXcN1zL4LzqGC6qilfvRrxbmcfbgde9vAViCDgdDbTYYzmkxz72QYrR:RZbDNKV93RrRNcwvAJDgdDQYfxz971

File size 1.8 MB ( 1854464 bytes )
File type unknown
Magic literal

TrID Win32 EXE PECompact compressed (v2.x) (48.0%)
Win32 EXE PECompact compressed (generic) (33.8%)
Win32 Executable Generic (6.9%)
Win32 Dynamic Link Library (generic) (6.1%)
Win16/32 Executable Delphi generic (1.6%)
VirusTotal metadata
First submission 2010-04-09 02:11:44 UTC ( 8 years, 9 months ago )
Last submission 2010-05-15 17:31:56 UTC ( 8 years, 8 months ago )
File names lI97ZMR.exe
izHMDf9sOJ.jpeg
aa
b59Tnu.rar
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!