SHA256: fbd20f2d1e469594e810b4feac4c4ece62e7e8d4b5b3e980cedbe80da7a9f64d
File name: zaccess.exe
Detection ratio: 13 / 43
Analysis date: 2011-09-15 22:26:18 UTC ( 3 years, 8 months ago )
Antivirus Result Update
AhnLab-V3 Backdoor/Win32.ZAccess 20110915
Comodo TrojWare.Win32.Trojan.Agent.Gen 20110915
DrWeb BackDoor.Maxplus.25 20110915
Emsisoft Backdoor.Win32.ZAccess!IK 20110915
Ikarus Backdoor.Win32.ZAccess 20110915
K7AntiVirus Riskware 20110915
Kaspersky Backdoor.Win32.ZAccess.aip 20110915
McAfee W32/Sirefef.b 20110915
McAfee-GW-Edition Artemis!67402D11B958 20110915
Microsoft TrojanDropper:Win32/Sirefef.B 20110915
Panda Suspicious file 20110915
TrendMicro-HouseCall BKDR_ZACCESS.G 20110916
VIPRE Trojan.Win32.Generic!BT 20110915
AVG 20110915
AntiVir 20110915
Antiy-AVL 20110915
Avast 20110915
Avast5 20110915
BitDefender 20110916
ByteHero 20110913
CAT-QuickHeal 20110915
ClamAV 20110915
Commtouch 20110915
F-Prot 20110915
F-Secure 20110915
Fortinet 20110915
GData 20110915
Jiangmin 20110915
NOD32 20110915
Norman 20110915
PCTools 20110915
Prevx 20110916
Rising 20110909
SUPERAntiSpyware 20110915
Sophos 20110916
Symantec 20110915
TheHacker 20110915
TrendMicro 20110915
VBA32 20110915
ViRobot 20110915
VirusBuster 20110915
eSafe 20110915
eTrust-Vet 20110915
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
Developer metadata
Copyright Copyleft (c) Island York 2001-2011
Publisher Ray Ezra
Product Harv Donut Index Kate
Original name Troll.exe
Internal name Slams Misc
File version 9.8
Description Mash Miami Icon Crane
Packers identified
Command UPX
F-PROT UPX
PEiD UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2011-02-21 18:41:25
Entry Point 0x0004DA30
Number of sections 3
PE sections
PE imports
LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
ExifTool file metadata
SubsystemVersion
4.0

LinkerVersion
8.12

ImageVersion
4.0

FileSubtype
0

FileVersionNumber
9.8.0.0

UninitializedDataSize
81920

LanguageCode
English (U.S.)

FileFlagsMask
0x003f

CharacterSet
Unicode

InitializedDataSize
4096

FileOS
Windows NT 32-bit

MIMEType
application/octet-stream

LegalCopyright
Copyleft Island York 2001-2011

FileVersion
9.8

TimeStamp
2011:02:21 10:41:25-08:00

FileType
Win32 EXE

PEType
PE32

InternalName
Slams Misc

ProductVersion
9.8

FileDescription
Mash Miami Icon Crane

OSVersion
4.0

OriginalFilename
Troll.exe

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
Ray Ezra

CodeSize
233472

ProductName
Harv Donut Index Kate

ProductVersionNumber
9.8.0.0

EntryPoint
0x4da30

ObjectFileType
Executable application

File identification
MD5 67402d11b958dbcc84cd2d212ba2cc1e
SHA1 9b631b62a7f7186e5cf8f880f0aa20d27b5470d6
SHA256 fbd20f2d1e469594e810b4feac4c4ece62e7e8d4b5b3e980cedbe80da7a9f64d
ssdeep 6144:3zKLmbL29la/J1ANjYvaHTSkAF3//4l69lmCF:jKawqvkAV/c69
File size 231.0 KB ( 236544 bytes )
File type Win32 EXE
Magic literal MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit, UPX compressed
TrID UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
Tags upx
VirusTotal metadata
First submission 2011-09-15 08:39:07 UTC ( 3 years, 8 months ago )
Last submission 2012-04-27 08:03:54 UTC ( 3 years, 1 month ago )
File names smona131609241516766495211
67402D11B958DBCC84CD2D212BA2CC1E.exe
Flash_Player_10.3.187_update_for_Win.exe
zaccess.exe
dogsex_005.avi.exe
67402d11b958dbcc84cd2d212ba2cc1e
67402D11B958DBCC84CD2D212BA2CC1E.tmp
dog-doing-girl.avi.exe
1014296
file-2786309_exe
1013884
Flash_Player_v10.3_for_Windows.exe
67402D11B958DBCC84CD2D212BA2CC1E
animal-porn-movie.avi.exe