× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: e0bbba1f59c770751cb76a5daa4b41118c515cf35bf586d43e1bae43c7fd1092
Detection ratio: 7 / 42
Analysis date: 2010-07-30 09:17:20 UTC ( 8 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Malware/Win32.Heur.h6 20100729
CAT-QuickHeal (Suspicious) - DNAScan 20100730
Microsoft TrojanSpy:Win32/Fitmu.A 20100730
Norman W32/Bredolab.B!genr 20100730
Panda Bck/Bredolab.AZ 20100729
Sophos AV Mal/EncPk-QY 20100730
Sunbelt Trojan.Win32.Generic.pak!cobra 20100730
AntiVir 20100729
Antiy-AVL 20100730
Authentium 20100730
Avast 20100730
Avast5 20100730
AVG 20100729
BitDefender 20100730
ClamAV 20100729
Comodo 20100729
DrWeb 20100730
Emsisoft 20100730
eSafe 20100729
eTrust-Vet 20100730
F-Prot 20100730
F-Secure 20100730
Fortinet 20100729
GData 20100730
Ikarus 20100730
Jiangmin 20100729
Kaspersky 20100730
McAfee 20100730
McAfee-GW-Edition 20100729
NOD32 20100729
nProtect 20100730
PCTools 20100730
Prevx 20100730
Rising 20100730
SUPERAntiSpyware 20100730
Symantec 20100730
TheHacker 20100730
TrendMicro 20100730
TrendMicro-HouseCall 20100730
VBA32 20100728
ViRobot 20100729
VirusBuster 20100729
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
CreateFontIndirectA
BitBlt
GetBkColor
DeleteObject
GetPixel
SetROP2
MoveToEx
ExtTextOutA
LineTo
GetObjectA
PatBlt
GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
GetLastError
LocalFree
GetFileSize
GlobalAlloc
lstrlenA
GetVersionExA
LocalAlloc
GetTickCount
GetStartupInfoA
__CxxFrameHandler
wcschr
__set_app_type
toupper
wcstoul
__setusermatherr
_exit
_c_exit
_controlfp
exit
__getmainargs
DefWindowProcA
SetWindowTextA
DispatchMessageA
TranslateMessage
DestroyWindow
File identification
MD5 cfb69f900ef8725ac3b6f458cd97ae54
SHA1 8ac88bd67a754596204fbed6f0d199097a5e647f
SHA256 e0bbba1f59c770751cb76a5daa4b41118c515cf35bf586d43e1bae43c7fd1092
ssdeep
6144:XapdDyc69XINFvMFP6z2JxDV/iuil3oyWzM:qp1yj9XyM5ZV/QlWz

File size 251.0 KB ( 257024 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-07-30 09:17:20 UTC ( 8 years, 6 months ago )
Last submission 2010-07-30 09:17:20 UTC ( 8 years, 6 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!