SHA256: e061778fa951be6948b3a0f5c94bb2f00d3de430302530751c4472831a17faa3
File name: 8DAB5EEB2035CE07EE023DB545EF675F
Detection ratio: 38 / 43
Analysis date: 2011-08-09 06:06:49 UTC ( 7 years, 3 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Bredolab1.Gen 20110808
AntiVir TR/Crypt.XPACK.Gen 20110809
Avast Win32:Bredolab-BU [Trj] 20110809
Avast5 Win32:Bredolab-BU [Trj] 20110809
AVG Win32/Cryptor 20110809
BitDefender Trojan.Generic.3101505 20110809
CAT-QuickHeal Win32.Packed.Krap.x.4 20110809
ClamAV Trojan.Downloader.Bredolab-1416 20110809
Commtouch W32/Trojan.Bredolab.A 20110809
Comodo TrojWare.Win32.TrojanDownloader.Agent.~GGI 20110809
DrWeb Trojan.Packed.19662 20110809
Emsisoft Trojan.Win32.Bredolab!IK 20110809
eTrust-Vet Win32/Bredolab.C!generic 20110808
F-Prot W32/Trojan.Bredolab.A 20110809
F-Secure Trojan.Generic.3101505 20110809
GData Trojan.Generic.3101505 20110809
Ikarus Trojan.Win32.Bredolab 20110809
Jiangmin Packed.Krap.blcc 20110808
K7AntiVirus Virus 20110802
Kaspersky Packed.Win32.Krap.x 20110809
McAfee Generic Dropper.lr 20110809
McAfee-GW-Edition Generic Dropper.lr 20110809
Microsoft TrojanDownloader:Win32/Waledac.C 20110809
NOD32 a variant of Win32/Kryptik.CEJ 20110809
Norman Bredolab.TL 20110808
nProtect Trojan/W32.Krap.25600.BX 20110808
Panda Bck/Bredolab.AB 20110808
PCTools HeurEngine.MaliciousPacker 20110809
Sophos AV Mal/EncPk-KW 20110809
SUPERAntiSpyware Trojan.Agent/Gen-FraudLoad[Cryptor] 20110809
Symantec Packed.Generic.265 20110809
TheHacker Trojan/Krap.x 20110807
TrendMicro TROJ_BREDLAB.SM 20110809
TrendMicro-HouseCall TROJ_BREDLAB.SM 20110809
VBA32 Malware-Cryptor.Win32.Chucha 20110808
VIPRE Trojan.Win32.Bredolab.Gen.2 (v) 20110809
ViRobot Trojan.Win32.S.Krap.25600.J 20110809
VirusBuster Trojan.Fraudload.Gen!Pac.5 20110808
Antiy-AVL 20110808
eSafe 20110808
Fortinet 20110809
Prevx 20110809
Rising 20110808
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
SetBkMode
GetObjectA
SelectObject
GetTextColor
GetTextMetricsA
ExtTextOutA
GetStockObject
SetPixel
PatBlt
CreateFontIndirectA
CreateSolidBrush
SetROP2
BitBlt
GetDeviceCaps
LineTo
GetPixel
MoveToEx
CreateCompatibleDC
GetProcAddress
LoadLibraryA
GetCommandLineA
CloseHandle
GetModuleHandleA
GetStdHandle
CreateEventA
GetVersionExA
LocalFree
GetLastError
Sleep
GetStartupInfoA
lstrcatA
__p__commode
exit
toupper
memmove
__set_app_type
wcschr
_acmdln
_c_exit
__p__fmode
_XcptFilter
_controlfp
__setusermatherr
_initterm
_except_handler3
wcstoul
__CxxFrameHandler
wcslen
_adjust_fdiv
rand
__getmainargs
_exit
GetClientRect
CreateWindowExA
TranslateMessage
ScreenToClient
DefWindowProcA
DispatchMessageA
ShowWindow
GetSysColor
BeginPaint
SetFocus
DestroyWindow
GetMessageA
DialogBoxParamA
MessageBoxA
File identification
MD5 8dab5eeb2035ce07ee023db545ef675f
SHA1 5e1f4c271a85c82fe5091e358a750dbcb86b97b2
SHA256 e061778fa951be6948b3a0f5c94bb2f00d3de430302530751c4472831a17faa3
ssdeep
384:xdO9AlrhO+FXCt1QMMMMMMMMMMMN88888QbuKZNvA:OOdOSy1QMMMMMMMMMMMN88888QpZN

File size 25.0 KB ( 25600 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-02-05 00:16:47 UTC ( 8 years, 9 months ago )
Last submission 2011-08-09 06:06:49 UTC ( 7 years, 3 months ago )
File names TkS5ZA.gz
8DAB5EEB2035CE07EE023DB545EF675F
aa