SHA256: eb34fc80aa8e6cb09e35ee88a55d833948f954070556d6e8d015525f4fe6725d
Detection ratio: 35 / 41
Analysis date: 2010-05-15 05:54:53 UTC ( 8 years, 8 months ago )
Antivirus Result Update
a-squared Packed.Win32.Katusha!IK 20100510
AhnLab-V3 Trojan/Win32.FakeAV 20100514
AntiVir TR/PCK.Katusha.J.513 20100514
Antiy-AVL Packed/Win32.Katusha.gen 20100514
Authentium W32/FakeSec.D.gen!Eldorado 20100514
Avast Win32:MalOb-AL 20100514
Avast5 Win32:MalOb-AL 20100514
AVG Cryptic.CM 20100514
BitDefender Gen:Heur.Krypt.26 20100515
CAT-QuickHeal Win32.Packed.Katusha.j.4 20100515
Comodo TrojWare.Win32.Trojan.Agent.Gen 20100515
DrWeb Trojan.Fakealert.14113 20100515
eTrust-Vet Win32/Katusha.B!packed 20100515
F-Prot W32/FakeSec.D.gen!Eldorado 20100514
F-Secure Packed:W32/MysticCompressor.gen!A 20100514
Fortinet W32/FraudPack.fam!tr 20100514
GData Gen:Heur.Krypt.26 20100515
Ikarus Packed.Win32.Katusha 20100514
Jiangmin Packed.Katusha.goi 20100514
Kaspersky Packed.Win32.Katusha.j 20100515
McAfee FakeAlert-MY 20100515
McAfee-GW-Edition Heuristic.LooksLike.Trojan.PCK.Katusha.I 20100515
Microsoft Trojan:Win32/FakeRean 20100514
NOD32 a variant of Win32/Kryptik.DJM 20100514
Panda Trj/Zlob.KH 20100514
PCTools RogueAntiSpyware.AntiVirus2010 20100515
Prevx High Risk Cloaked Malware 20100515
Sophos AV Mal/FakeAV-BT 20100515
Sunbelt VirTool.Win32.Obfuscator.hg!a (v) 20100515
Symantec Packed.Mystic!gen4 20100515
TheHacker Trojan/Katusha.j 20100514
TrendMicro TROJ_FAKEREAN.BU 20100514
TrendMicro-HouseCall TROJ_FAKEREAN.BU 20100515
VBA32 OScope.Trojan.0216 20100514
VirusBuster Trojan.Fraudpack.Gen!Pac.5 20100514
ClamAV 20100514
eSafe 20100513
Norman 20100514
nProtect 20100514
Rising 20100514
ViRobot 20100514
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 4
PE sections
PE imports
AdjustTokenPrivileges
RegCloseKey
DeleteService
CloseServiceHandle
OpenServiceA
RegDeleteKeyA
ControlService
OpenSCManagerA
LookupPrivilegeValueA
AllocateAndInitializeSid
GetTokenInformation
EqualSid
RegQueryValueExA
OpenProcessToken
FreeSid
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
CreateDirectoryA
lstrcpynA
UnhandledExceptionFilter
SetEndOfFile
GetPrivateProfileStringA
SetUnhandledExceptionFilter
SetFilePointer
TerminateProcess
WaitForSingleObject
InterlockedExchange
GetLastError
GetTickCount
GlobalAlloc
QueryPerformanceCounter
GetExitCodeProcess
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcess
UnmapViewOfFile
MoveFileExA
GetSystemDirectoryA
CloseHandle
FreeLibrary
GetCommandLineA
MapViewOfFile
DeleteFileA
LoadLibraryA
GlobalFree
GetWindowsDirectoryA
GetShortPathNameA
CreateProcessA
SetFileAttributesA
Sleep
FindClose
FindNextFileA
CreateFileW
VirtualProtect
GetVersionExA
InterlockedCompareExchange
GetProcAddress
FindFirstFileA
lstrcpyA
GetStartupInfoA
GetSystemTimeAsFileTime
CreateFileA
lstrcatA
CreateFileMappingA
RemoveDirectoryA
GetFileSize
lstrlenA
GetCurrentProcessId
__getmainargs
__setusermatherr
_amsg_exit
_mbsicmp
_acmdln
_cexit
_mbsupr
_adjust_fdiv
memcpy
memset
_ismbblead
strtok
__p__fmode
_getcwd
_mbschr
exit
_initterm
strstr
memmove
_mbsstr
_mbsinc
malloc
_XcptFilter
_terminate@@YAXXZ
_mbscmp
_controlfp
strchr
_exit
__p__commode
_access
__set_app_type
RtlUnwind
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiOpenDevRegKey
SetupDiDeleteDeviceInfo
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SendMessageA
MessageBoxA
FindWindowA
LoadStringA
wsprintfA
ExitWindowsEx
LoadIconA
File identification
MD5 a3c3472ef1eae3162fbccdef6cc02c0a
SHA1 e73ba0bed0afcc3a85a0ecb4017dd077fd5298de
SHA256 eb34fc80aa8e6cb09e35ee88a55d833948f954070556d6e8d015525f4fe6725d
ssdeep
6144:bXqfGXt+tjFK/GpxUe7ZPjthej8o/EAyb0q5oDr:7UI8tRqCZJhej8aEAyb0q5oD

File size 199.5 KB ( 204288 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-03-29 19:04:51 UTC ( 8 years, 9 months ago )
Last submission 2010-05-15 05:54:53 UTC ( 8 years, 8 months ago )