× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f4cb79fc01c1733003fbe414c6c6b0423c3e815993c550362c0c4986e5bcc0b4
Detection ratio: 32 / 42
Analysis date: 2010-07-21 18:16:19 UTC ( 7 years, 11 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Variant.34816.Q 20100720
AntiVir TR/Refpron.H.70 20100721
Authentium W32/Refpron.I.gen!Eldorado 20100721
Avast Win32:Malware-gen 20100721
Avast5 Win32:Malware-gen 20100721
AVG Downloader.Delf.EBC 20100721
BitDefender Gen:Variant.Refpron.1 20100721
Comodo TrojWare.Win32.Koblu.F 20100721
DrWeb Trojan.Click1.5409 20100721
Emsisoft Trojan.Win32.Koblu!IK 20100721
eSafe Win32.GenVariant.Ref 20100721
eTrust-Vet Win32/Refpron.RN 20100721
F-Prot W32/Refpron.I.gen!Eldorado 20100721
F-Secure Gen:Variant.Refpron.1 20100721
GData Gen:Variant.Refpron.1 20100721
Ikarus Trojan.Win32.Koblu 20100721
Jiangmin Trojan/Koblu.xe 20100721
McAfee Refpron.gen.p 20100721
McAfee-GW-Edition Refpron.gen.p 20100721
Microsoft Trojan:Win32/Refpron.H 20100721
NOD32 a variant of Win32/Refpron.JR 20100721
Norman W32/Koblu.JX 20100720
nProtect Gen:Variant.Refpron.1 20100721
Panda Generic Trojan 20100721
PCTools Spyware.Screenspy 20100721
Prevx Medium Risk Malware 20100721
Rising AdWare.Win32.Mnless.awi 20100721
Sophos AV Mal/Koblu-E 20100721
Sunbelt Trojan.Win32.Generic!BT 20100721
Symantec Spyware.Screenspy 20100721
ViRobot Trojan.Win32.Koblu.34816.C 20100721
VirusBuster Trojan.Refpron.EBY 20100721
Antiy-AVL 20100721
CAT-QuickHeal 20100721
ClamAV 20100721
Fortinet 20100720
Kaspersky 20100721
SUPERAntiSpyware 20100721
TheHacker 20100720
TrendMicro 20100721
TrendMicro-HouseCall 20100721
VBA32 20100721
The file being studied is a Portable Executable file! More specifically, it is a unknown file.
FileVersionInfo properties
Publisher dreas company
Product Haus want
File version 5.1.2.5
Description dreas Haus
PE header basic information
Number of sections 7
PE sections
PE imports
GetCurrentThreadId
ExitProcess
UnhandledExceptionFilter
RtlUnwind
RaiseException
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
GetProcessHeap
FreeLibrary
LoadLibraryExA
GetProcAddress
File identification
MD5 ce967e14ccbd03382bdf09c1a0066676
SHA1 d315029419a7405d3753e50a3a43162d581236a0
SHA256 f4cb79fc01c1733003fbe414c6c6b0423c3e815993c550362c0c4986e5bcc0b4
ssdeep
384:elzss+Dyb/pMjdy32VdZrct3ZyblequfXOWlKHzlhTLRKSlsiY+I6pm487pEwRIk:hrDUxe436ZAMNvRdls+pp2VEQIF

File size 34.0 KB ( 34816 bytes )
File type unknown
Magic literal

TrID Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
VirusTotal metadata
First submission 2010-05-16 05:43:00 UTC ( 8 years, 1 month ago )
Last submission 2010-07-21 18:16:19 UTC ( 7 years, 11 months ago )
Advanced heuristic and reputation engines
Symantec reputation Suspicious.Insight
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!