SHA256: e823d4f6f53410dcf3b14020b896e68c9dd5db7726e10c5b4ba8d8659db53d4d
File name: 70F25B0391B1FAD042DD9ACE6D75D344
Detection ratio: 34 / 43
Analysis date: 2011-07-18 08:42:27 UTC ( 7 years, 1 month ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Fakeav.1152512.C 20110718
AntiVir TR/FakeAV.sc.1 20110718
AVG Cryptic.HG 20110718
BitDefender Trojan.Generic.3933990 20110718
CAT-QuickHeal Trojan.Agent.WD 20110718
ClamAV Trojan.Agent-241671 20110718
Commtouch W32/FakeAlert.PU 20110718
DrWeb Trojan.Fakealert.8876 20110718
Emsisoft Packed.Win32.Katusha!IK 20110718
eSafe Win32.FakeAV 20110717
eTrust-Vet Win32/FakeAV.CJF 20110715
F-Prot W32/FakeAlert.PU 20110718
F-Secure Trojan.Generic.3933990 20110718
GData Trojan.Generic.3933990 20110718
Ikarus Packed.Win32.Katusha 20110718
Jiangmin Packed.Katusha.ilz 20110714
K7AntiVirus Riskware 20110715
Kaspersky Packed.Win32.Katusha.j 20110718
McAfee FakeAlert-MY.gen 20110718
McAfee-GW-Edition FakeAlert-MY.gen 20110718
Microsoft Rogue:Win32/FakeRean 20110718
NOD32 Win32/Adware.SecurityCentral.AA 20110718
Norman W32/Obfuscated.BJ!genr 20110717
nProtect Trojan/W32.Katusha.1152512 20110717
Panda Trj/Katusha.J 20110717
PCTools RogueAntiSpyware.SecurityAntivirus 20110713
Sophos AV Mal/FakeAV-BT 20110718
Symantec Trojan.FakeAV 20110718
TrendMicro TROJ_KRAP.SMFB 20110718
TrendMicro-HouseCall TROJ_KRAP.SMFB 20110718
VBA32 Trojan.ExpProc.014 20110715
VIPRE VirTool.Win32.Obfuscator.hg!a (v) 20110718
ViRobot Trojan.Win32.Katusha.1152512 20110718
VirusBuster Trojan.Meredrop!hInnXRj9n+Q 20110717
Antiy-AVL 20110715
Avast 20110718
Avast5 20110718
Comodo 20110718
Fortinet 20110718
Prevx 20110718
Rising 20110715
SUPERAntiSpyware 20110718
TheHacker 20110718
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 5
PE sections
PE imports
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA
RegSetValueExW
RegCreateKeyW
RegQueryValueExW
RegCloseKey
CreateStatusWindowW
PrintDlgExW
ReplaceTextW
GetFileTitleW
FindTextW
GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW
PageSetupDlgW
ChooseFontW
GetDeviceCaps
TextOutW
GetTextExtentPoint32W
EndDoc
SetWindowExtEx
GetTextFaceW
StartDocW
GetStockObject
GetObjectW
CreateFontIndirectW
SetBkMode
SetViewportExtEx
SelectObject
EndPage
SetMapMode
SetAbortProc
StartPage
AbortDoc
EnumFontsW
DeleteObject
GetTextMetricsW
LPtoDP
DeleteDC
CreateDCW
FreeEnvironmentStringsW
GetModuleFileNameA
GetLocaleInfoA
GetACP
WriteFile
CreateFileA
GetSystemTime
GetFileAttributesW
GetCurrentProcess
LoadResource
IsDebuggerPresent
LoadLibraryA
FindClose
QueryPerformanceCounter
CreateFileMappingW
DeleteCriticalSection
SetLastError
GetTempPathW
LocalReAlloc
lstrlenW
GetStringTypeA
WritePrivateProfileStringA
WideCharToMultiByte
LeaveCriticalSection
LoadLibraryW
lstrcatW
GetTimeFormatW
SetEndOfFile
GetVersion
SystemTimeToFileTime
GetEnvironmentStringsW
FindFirstFileW
DebugBreak
CompareFileTime
GetFileType
HeapReAlloc
DisableThreadLibraryCalls
GetTickCount
GetModuleFileNameW
CreateFileW
RaiseException
CompareStringW
lstrcpynW
SetStdHandle
GetProcAddress
GlobalLock
TlsFree
LocalUnlock
lstrcmpiW
GetModuleHandleA
UnhandledExceptionFilter
GetSystemTimeAsFileTime
UnmapViewOfFile
InitializeCriticalSectionAndSpinCount
ExitProcess
MultiByteToWideChar
LocalAlloc
GetFileInformationByHandle
GlobalHandle
GetLocaleInfoW
MulDiv
TerminateProcess
GlobalUnlock
lstrcpyW
GetCommandLineW
GetConsoleOutputCP
InterlockedIncrement
TlsGetValue
SetFilePointer
FormatMessageW
FreeLibrary
GetLocalTime
IsValidLocale
LocalSize
GetLastError
GetDateFormatW
VirtualProtect
Sleep
RemoveDirectoryA
GetUserDefaultLCID
ReleaseMutex
ResetEvent
GetCurrentThreadId
SizeofResource
FileTimeToSystemTime
LocalLock
GetStartupInfoA
GlobalFree
FoldStringW
HeapCreate
ReadFile
SetUnhandledExceptionFilter
MapViewOfFile
HeapFree
lstrcmpW
CloseHandle
DeleteFileW
InterlockedDecrement
VirtualFree
LocalFree
GetVersionExW
GetCurrentProcessId
GetUserDefaultUILanguage
_cexit
_adjust_fdiv
_exit
__CxxFrameHandler
localtime
wcsncpy
_terminate@@YAXXZ
_acmdln
__set_app_type
_wcsicmp
time
__getmainargs
__p__fmode
_snwprintf
__dllonexit
wcsncmp
iswctype
_controlfp
_wcsnicmp
__p__commode
__setusermatherr
__3@YAXPAX@Z
_c_exit
_XcptFilter
_amsg_exit
_initterm
exit
_wtol
DragFinish
ShellAboutW
DragQueryFileW
DragAcceptFiles
GetWindowTextW
GetDlgItemTextW
PeekMessageW
WinHelpW
RegisterWindowMessageW
MessageBoxW
CharLowerW
CharUpperW
GetClientRect
GetMenuState
SetPropA
IsWindow
GetParent
ChildWindowFromPoint
DispatchMessageW
MoveWindow
GetSystemMenu
UnhookWinEvent
RegisterClassW
PostMessageW
SetCursor
IsIconic
EnableMenuItem
SetTimer
DialogBoxParamW
GetWindowLongW
LoadStringW
CheckMenuItem
LoadIconW
DestroyMenu
MessageBeep
EnableWindow
LoadCursorW
SetDlgItemTextW
SetActiveWindow
GetDesktopWindow
UpdateWindow
SetWinEventHook
ScreenToClient
MsgWaitForMultipleObjects
LoadAcceleratorsW
GetDlgCtrlID
CreatePopupMenu
RegisterClipboardFormatW
SetScrollPos
GetForegroundWindow
GetMenu
IsDialogMessageW
CallWindowProcA
TranslateMessage
CloseClipboard
IsClipboardFormatAvailable
ShowWindow
SendMessageW
InvalidateRect
GetDlgItem
EndDialog
TranslateAcceleratorW
GetMessagePos
OpenClipboard
GetSubMenu
GetSystemMetrics
GetDC
LoadImageW
SendDlgItemMessageW
DrawTextExW
CreateWindowExW
SetWindowPlacement
CharNextW
PostQuitMessage
GetWindowPlacement
IsRectEmpty
GetFocus
SetWindowLongW
GetCursorPos
EndPaint
wsprintfW
ReleaseDC
SetWindowPos
DefWindowProcW
SetWindowTextW
DestroyWindow
SystemParametersInfoA
GetSysColor
SetFocus
CreateDialogParamW
GetKeyboardLayout
IsDialogMessageA
LoadBitmapW
IsDlgButtonChecked
GetMessageW
AdjustWindowRectEx
RegisterWindowMessageA
RegisterClassExW
OpenPrinterW
GetPrinterDriverW
ClosePrinter
File identification
MD5 70f25b0391b1fad042dd9ace6d75d344
SHA1 a1ba6cb443982a93518641cfd40746fde2caf98d
SHA256 e823d4f6f53410dcf3b14020b896e68c9dd5db7726e10c5b4ba8d8659db53d4d
ssdeep 24576:HtcsrHpODX1xLPu7jeoA9Nt1VDABkqMg:HtcQHUDFx7umoA9Nt1q7
File size 1.1 MB ( 1152512 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
VirusTotal metadata
First submission 2010-04-27 21:29:40 UTC ( 8 years, 3 months ago )
Last submission 2011-07-18 08:42:27 UTC ( 7 years, 1 month ago )
File names I39pond.xml
70F25B0391B1FAD042DD9ACE6D75D344
aa