× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: eaa3b664183b8ae3f7db8c36d7c52cb82d89ff7d5eee275f0c703dbe6913c12a
File name: K6COxrF.tgz
Detection ratio: 29 / 40
Analysis date: 2010-01-26 16:18:03 UTC ( 8 years, 7 months ago )
Antivirus Result Update
a-squared Email-Worm.Win32.VB.ar!IK 20100126
AntiVir TR/Crypt.FKM.Gen 20100126
Antiy-AVL Trojan/Win32.Agent.gen 20100126
Authentium W32/VB-Downloader-Minimi-based!Maximus 20100126
Avast Win32:Rootkit-gen 20100126
AVG Downloader.VB.CLP 20100126
BitDefender Gen:Trojan.Heur.am0@s0lf9Qli 20100126
CAT-QuickHeal (Suspicious) - DNAScan 20100125
Comodo TrojWare.Win32.TrojanDownloader.Agent.czli 20100126
DrWeb Trojan.DownLoad1.29174 20100126
F-Prot W32/VB-Downloader-Minimi-based!Maximus 20100125
F-Secure Gen:Trojan.Heur.am0@s0lf9Qli 20100126
Fortinet PossibleThreat 20100126
GData Gen:Trojan.Heur.am0@s0lf9Qli 20100126
Ikarus Email-Worm.Win32.VB.ar 20100126
K7AntiVirus Trojan-Downloader.Win32.Agent.czli 20100122
Kaspersky Trojan-Downloader.Win32.Agent.czli 20100126
McAfee Suspect-02!843230D51A93 20100125
McAfee+Artemis Suspect-02!843230D51A93 20100125
McAfee-GW-Edition Heuristic.LooksLike.Win32.Suspicious.H 20100126
NOD32 a variant of Win32/TrojanDownloader.VB.NYR 20100126
Norman W32/Banload.ASMZ 20100126
Panda Trj/CI.A 20100125
PCTools Trojan-PSW.Bancos 20100126
Prevx High Risk Information Stealer 20100126
Rising Trojan.Win32.VBDownLoaderU.a 20100126
Sophos AV Mal/TibsPk-A 20100126
Symantec Infostealer.Bancos 20100126
ViRobot Trojan.Win32.Downloader.15572 20100126
AhnLab-V3 20100126
ClamAV 20100126
eSafe 20100126
eTrust-Vet 20100126
Jiangmin 20100126
Microsoft 20100126
nProtect 20100126
Sunbelt 20100126
TheHacker 20100126
TrendMicro 20100126
VirusBuster 20100126
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
ExitProcess
LoadLibraryA
GetProcAddress
VirtualProtect
GlobalAlloc
GlobalFree
GetModuleHandleA
1 more function(s) imported by ordinal)
MessageBoxA
wsprintfA
File identification
MD5 843230d51a93c52714d69162c42cf143
SHA1 d79d0f748bacfd6414a8e2168d9ace7126ff537a
SHA256 eaa3b664183b8ae3f7db8c36d7c52cb82d89ff7d5eee275f0c703dbe6913c12a
ssdeep
384:/Tw/ie8zdTyBsyqAIZhgT1uK2W0QVFDCx52VEW9hX:/BWsyqAgg5uK5DCx5o/t

File size 15.2 KB ( 15572 bytes )
File type unknown
Magic literal

TrID Petite compressed Win32 executable (85.0%)
Win32 Executable Generic (10.1%)
Generic Win/DOS Executable (2.3%)
DOS Executable Generic (2.3%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-01-16 13:58:05 UTC ( 8 years, 8 months ago )
Last submission 2010-01-26 16:18:03 UTC ( 8 years, 7 months ago )
File names K6COxrF.tgz
PRqgw.scr
Behaviour characterization
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!