× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f001e094b13c5feea9fb651e713dca06777237de0a0292806003d965b9fe9ed2
Detection ratio: 33 / 41
Analysis date: 2010-05-14 09:19:57 UTC ( 8 years, 5 months ago )
Antivirus Result Update
a-squared Net-Worm.Win32.Koobface!IK 20100510
AhnLab-V3 Win32/Koobface.worm.11776.R 20100513
AntiVir BDS/Backdoor.Gen 20100514
Antiy-AVL Worm/Win32.Koobface.gen 20100513
Avast Win32:Malware-gen 20100513
Avast5 Win32:Malware-gen 20100513
AVG Proxy.AJWR 20100513
BitDefender Gen:Trojan.Heur.GZ.amGfbWh9vQd 20100514
CAT-QuickHeal I-Worm.Koobface.gfz 20100514
eSafe Win32.BDSBackdoor 20100513
eTrust-Vet Win32/Webservo.A 20100513
F-Secure Gen:Trojan.Heur.GZ.amGfbWh9vQd 20100514
GData Gen:Trojan.Heur.GZ.amGfbWh9vQd 20100514
Ikarus Net-Worm.Win32.Koobface 20100514
Jiangmin Worm/Koobface.axj 20100514
Kaspersky Net-Worm.Win32.Koobface.gfz 20100514
McAfee New Malware.ai 20100514
McAfee-GW-Edition Heuristic.LooksLike.Win32.Agent2.E 20100514
Microsoft Trojan:Win32/Koobface.gen!B 20100514
NOD32 a variant of Win32/TrojanProxy.Small.NEB 20100513
Norman W32/DLoader.AHYWD 20100514
Panda W32/Koobface.KD.worm 20100513
PCTools Voronezh.1600.A 20100514
Prevx Medium Risk Malware Downloader 20100514
Rising Trojan.Win32.Generic.51FD1E22 20100514
Sophos AV Troj/Capa-Gen 20100514
Sunbelt Trojan.Win32.Generic!BT 20100514
Symantec Downloader 20100514
TheHacker Trojan/Proxy.Small.neb 20100513
TrendMicro Mal_Koob-2 20100514
TrendMicro-HouseCall Mal_Koob-2 20100514
VBA32 Net-Worm.Win32.Koobface.gfz 20100513
VirusBuster Trojan.Rimod.FL 20100513
Authentium 20100514
ClamAV 20100514
Comodo 20100514
DrWeb 20100514
F-Prot 20100513
Fortinet 20100513
nProtect 20100513
ViRobot 20100514
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
PE header basic information
Number of sections 3
PE sections
PE imports
SetServiceStatus
IcmpSendEcho
LoadLibraryA
GetProcAddress
VirtualProtect
VirtualAlloc
VirtualFree
ExitProcess
_npos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@2IB
CoInitialize
1 more function(s) imported by ordinal)
PeekMessageA
1 more function(s) imported by ordinal)
File identification
MD5 42c8fbc2d130e5f28c9acd1f75eaf30e
SHA1 fc9d12cd296a64f758a8081127f280435bd75ed1
SHA256 f001e094b13c5feea9fb651e713dca06777237de0a0292806003d965b9fe9ed2
ssdeep
192:5iH9jTv8PYRhfCW0zZXn0LxTuhMLx88gXm7NGBHa9H+xnMEo0Tcgy7+jB:5idP0PYRMlZXQBuhcx88d7NQHBVll

File size 11.5 KB ( 11776 bytes )
File type unknown
Magic literal

TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
VirusTotal metadata
First submission 2010-04-01 21:58:41 UTC ( 8 years, 6 months ago )
Last submission 2010-05-14 09:19:57 UTC ( 8 years, 5 months ago )
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!