× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: f95c858ffc66b1a403222adbbc5c6e1702547e03aa90cb4f344ae2e912fc3ab8
File name: 5C63E65BF656DE5F5ABB91BEE8CD2E74
Detection ratio: 34 / 43
Analysis date: 2011-07-17 04:55:12 UTC ( 6 years, 9 months ago )
Antivirus Result Update
AhnLab-V3 Win-Trojan/Pincav.417280 20110716
AntiVir TR/Crypt.XPACK.Gen 20110715
Avast Win32:Malware-gen 20110716
Avast5 Win32:Malware-gen 20110716
AVG Generic18.RCW 20110716
BitDefender Trojan.Generic.KD.17353 20110717
CAT-QuickHeal Trojan.Pincav.aclu 20110716
Commtouch W32/TrojanX.ENIN 20110717
Comodo TrojWare.Win32.Trojan.Agent.Gen 20110717
DrWeb Trojan.Fakealert.16479 20110716
Emsisoft Trojan.Win32.Pincav!IK 20110717
eSafe Win32.TRCrypt.XPACK 20110714
F-Prot W32/TrojanX.ENIN 20110717
F-Secure Trojan.Generic.KD.17353 20110717
GData Trojan.Generic.KD.17353 20110717
Ikarus Trojan.Win32.Pincav 20110717
Jiangmin Trojan/Pincav.fxp 20110714
K7AntiVirus Trojan 20110715
Kaspersky Trojan.Win32.Pincav.aclu 20110717
McAfee FakeAlert-DefCnt.b 20110717
McAfee-GW-Edition FakeAlert-DefCnt.b 20110716
Microsoft Rogue:Win32/FakeCog 20110716
NOD32 Win32/TrojanDownloader.Prodatect.AB 20110717
Norman W32/FakeAlert.CDDC!genr 20110716
Panda Adware/DefenseCenter 20110716
PCTools RogueAntiSpyware.DataProtection 20110713
Sophos AV Mal/FakeAV-EH 20110717
SUPERAntiSpyware Trojan.Agent/Gen-FraudPack 20110716
Symantec Trojan.Gen 20110717
TrendMicro TROJ_DLOADR.AUV 20110717
TrendMicro-HouseCall TROJ_DLOADR.AUV 20110717
VBA32 BScope.Trojan.MTA.0157 20110715
VIPRE Trojan.Win32.Generic.pak!cobra 20110717
VirusBuster Trojan.Pincav!9YaOJN7vNc4 20110716
Antiy-AVL 20110715
ClamAV 20110717
eTrust-Vet 20110715
Fortinet 20110717
nProtect 20110716
Prevx 20110717
Rising 20110715
TheHacker 20110717
ViRobot 20110716
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file.
PE header basic information
Number of sections 4
PE sections
PE imports
FreeEnvironmentStringsW
GetACP
TlsGetValue
GlobalDeleteAtom
CreateProcessW
EnumSystemLocalesW
GlobalFindAtomW
DeleteFileW
GetProcAddress
EndUpdateResourceW
GetModuleHandleW
File identification
MD5 5c63e65bf656de5f5abb91bee8cd2e74
SHA1 bb515a3a0f248f81cf9bda752cf6dbfd7f973c58
SHA256 f95c858ffc66b1a403222adbbc5c6e1702547e03aa90cb4f344ae2e912fc3ab8
ssdeep
12288:sv0cljy7I9lI13OUjN9DxTYgsFiJ6v7tqEd:svzy7IuzjTYgtg7t

File size 407.5 KB ( 417280 bytes )
File type Win32 EXE
Magic literal

TrID Win32 Executable MS Visual C++ (generic) (72.1%)
Win32 Executable Generic (16.3%)
Clipper DOS Executable (3.8%)
Generic Win/DOS Executable (3.8%)
DOS Executable Generic (3.8%)
VirusTotal metadata
First submission 2010-06-23 15:17:10 UTC ( 7 years, 10 months ago )
Last submission 2011-07-17 04:55:12 UTC ( 6 years, 9 months ago )
File names 5C63E65BF656DE5F5ABB91BEE8CD2E74
aa
IJqwtJI.xlt
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!