SHA256: ecbc0c9ab2cfcb9c4175897cae1e0d4a664b5b960ba3cb2875ad9676741613b5
File name: IqnEO6Vf.xdp
Detection ratio: 36 / 40
Analysis date: 2010-04-17 13:12:16 UTC ( 8 years, 1 month ago )
Antivirus Result Update
a-squared Trojan-Dropper.Win32.VB!IK 20100417
AntiVir TR/Dropper.Gen 20100416
Antiy-AVL Trojan/Win32.VB.gen 20100416
Authentium W32/VB.CUI 20100416
Avast Win32:Malware-gen 20100417
Avast5 Win32:Malware-gen 20100417
AVG Dropper.Generic.BRBO 20100417
BitDefender Trojan.Generic.3193752 20100417
CAT-QuickHeal Trojan.Agent.ATV 20100417
ClamAV Trojan.VB-8808 20100417
Comodo TrojWare.Win32.Trojan.Agent.Gen 20100417
DrWeb Trojan.Inject.8355 20100417
eSafe Win32.TRDropper 20100415
eTrust-Vet Win32/VB.HV 20100416
F-Prot W32/VB.CUI 20100416
F-Secure Net-Worm:W32/Koobface.GT 20100416
Fortinet W32/VB.ABSL!tr 20100417
GData Trojan.Generic.3193752 20100417
Ikarus Trojan-Dropper.Win32.VB 20100417
Jiangmin Trojan/VB.ues 20100417
Kaspersky Trojan.Win32.VB.absl 20100417
McAfee Generic.dx!nsa 20100417
McAfee-GW-Edition Trojan.Dropper.Gen 20100417
Microsoft Trojan:Win32/VB.AAN 20100417
NOD32 Win32/Koobface.NCK 20100416
Norman W32/Smalltroj.XAAF 20100416
Panda Trj/CI.A 20100417
PCTools Net-Worm.Koobface 20100417
Prevx Medium Risk Malware Dropper 20100417
Rising Trojan.Win32.Generic.51FAB19D 20100417
Sophos AV Troj/Drop-EU 20100417
Sunbelt Trojan.Win32.Generic!BT 20100417
Symantec W32.Koobface.D 20100417
TrendMicro TROJ_GEN.UAC221X 20100415
VBA32 Trojan.Win32.VB.absl 20100415
VirusBuster Trojan.DR.Agent.TBDT 20100416
AhnLab-V3 20100416
nProtect 20100417
TheHacker 20100416
ViRobot 20100417
The file being studied is a Portable Executable file! More specifically, it is an unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
1 more function(s) imported by ordinal
CallWindowProcA
File identification
MD5 66b767298d5be474afd0cc7ec59fcb6b
SHA1 7f57d6469f928f56a4457cef892935833ed66ac2
SHA256 ecbc0c9ab2cfcb9c4175897cae1e0d4a664b5b960ba3cb2875ad9676741613b5
ssdeep 768:k6LoD1meowMTE7nPRBLVii5MvDhfS8lh2AjnxoaClBDbXDQIT:3GseoN0X5MLhf7lgAbxoaClBDHQIT

File size 40.5 KB ( 41472 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (43.8%)
Win32 EXE Yoda's Crypter (38.1%)
Win32 Executable Generic (12.2%)
Generic Win/DOS Executable (2.8%)
DOS Executable Generic (2.8%)
VirusTotal metadata
First submission 2010-02-17 11:31:50 UTC ( 8 years, 3 months ago )
Last submission 2010-04-17 13:12:16 UTC ( 8 years, 1 month ago )
File names u3nrVUw8.ps1
IqnEO6Vf.xdp
Behaviour characterization