SHA256: e6d49a873cf37c809d346f48d0d2aba009b4e204daa851c7f81b88e9255719e1
Detection ratio: 21 / 43
Analysis date: 2011-02-09 04:25:57 UTC ( 7 years, 5 months ago )
Antivirus Result Update
AntiVir DR/Agent.xzp 20110208
Avast Win32:SpyBot-GFX 20110208
Avast5 Win32:SpyBot-GFX 20110208
AVG Dropper.Generic_c.JCP 20110209
Emsisoft Downloader.Agent!IK 20110209
eSafe Win32.DRAgent.Xzp 20110208
eTrust-Vet Win32/Susp.BHOPlugin_i 20110208
GData Win32:SpyBot-GFX 20110209
Ikarus Downloader.Agent 20110209
McAfee Artemis!B76322B62FC6 20110209
McAfee-GW-Edition Artemis!B76322B62FC6 20110208
NOD32 NSIS/TrojanDownloader.Agent.NCU 20110208
Norman Smalltroj.VVHK.dropper 20110208
Panda Suspicious file 20110208
PCTools Trojan.ADH 20110208
Prevx High Risk Cloaked Malware 20110209
SUPERAntiSpyware Trojan.Agent/Gen-Partner[MSN-Fake] 20110209
Symantec Trojan.ADH 20110209
TheHacker Trojan/Downloader.Agent.cxcd 20110208
VBA32 NSIS.TrojanDownloader.Agent.NCU 20110208
VIPRE Trojan.Win32.Generic!BT 20110209
AhnLab-V3 20110206
Antiy-AVL 20110128
BitDefender 20110209
CAT-QuickHeal 20110209
ClamAV 20110209
Commtouch 20110209
Comodo 20110209
DrWeb 20110209
F-Prot 20110204
F-Secure 20110209
Fortinet 20110208
Jiangmin 20110208
K7AntiVirus 20110208
Kaspersky 20110209
Microsoft 20110208
nProtect 20110202
Rising 20110209
Sophos AV 20110209
TrendMicro 20110209
TrendMicro-HouseCall 20110209
ViRobot 20110209
VirusBuster 20110208
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW
(1 more function(s) imported by ordinal)
CommDlgExtendedError
GetOpenFileNameA
DeleteObject
CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA
CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA
File identification
MD5 b76322b62fc6fc88b63bc5577f0a5037
SHA1 34a092265440f2f16e0354fc6b68859c2b90e97a
SHA256 e6d49a873cf37c809d346f48d0d2aba009b4e204daa851c7f81b88e9255719e1
ssdeep
24576:5nJ2v7uBGfIvG8nu9FniqXTUuOETqa0jEL0r21+C8:5JQ7vwvyHniqTyS50QLt+5

File size 1.0 MB ( 1052423 bytes )
File type Win32 EXE
Magic literal

TrID WinRAR Self Extracting archive (95.7%)
Win32 Executable Generic (1.5%)
Win32 Dynamic Link Library (generic) (1.4%)
Win32 Executable Watcom C++ (generic) (0.4%)
Generic Win/DOS Executable (0.3%)
VirusTotal metadata
First submission 2010-08-15 16:04:31 UTC ( 7 years, 11 months ago )
Last submission 2011-02-09 04:25:57 UTC ( 7 years, 5 months ago )