IT' A COPY FOR MY LAST PROGRAM ...
File Fly_Range_By_DjCrujer.exe ricevuto il 2010.05.01 16:52:23 (UTC)
Stato corrente: finito
Risultato: 3/40 (7.50%) Formattato Stampa risultati Antivirus Versione Ultimo aggiornamento Risultato
a-squared 4.5.0.50 2010.05.01 Trojan.Win32.Agent.bcn!A2
AhnLab-V3 2010.05.02.00 2010.05.01 -
AntiVir 8.2.1.224 2010.04.30 -
Antiy-AVL 2.0.3.7 2010.04.30 -
Authentium 5.2.0.5 2010.05.01 -
Avast 4.8.1351.0 2010.05.01 -
Avast5 5.0.332.0 2010.05.01 -
AVG 9.0.0.787 2010.05.01 -
BitDefender 7.2 2010.05.01 -
CAT-QuickHeal 10.00 2010.05.01 -
ClamAV 0.96.0.3-git 2010.05.01 -
Comodo 4731 2010.05.01 -
DrWeb 5.0.2.03300 2010.05.01 -
eSafe 7.0.17.0 2010.04.29 -
eTrust-Vet 35.2.7462 2010.04.30 -
F-Prot 4.5.1.85 2010.04.30 -
F-Secure 9.0.15370.0 2010.05.01 Suspicious:W32/Malware!Gemini
Fortinet 4.0.14.0 2010.05.01 -
GData 21 2010.05.01 -
Ikarus T3.1.1.80.0 2010.05.01 -
Jiangmin 13.0.900 2010.05.01 -
Kaspersky 7.0.0.125 2010.05.01 -
McAfee 5.400.0.1158 2010.05.01 -
McAfee-GW-Edition 6.8.5 2010.05.01 Heuristic.LooksLike.Win32.Packed.C
Microsoft 1.5703 2010.05.01 -
NOD32 5077 2010.05.01 -
Norman 6.04.12 2010.05.01 -
nProtect 2010-05-01.01 2010.05.01 -
Panda 10.0.2.7 2010.05.01 -
PCTools 7.0.3.5 2010.05.01 -
Prevx 3.0 2010.05.01 -
Rising 22.45.04.03 2010.04.30 -
Sophos 4.53.0 2010.05.01 -
Sunbelt 6246 2010.05.01 -
Symantec 20091.2.0.41 2010.05.01 -
TheHacker 6.5.2.0.274 2010.04.30 -
TrendMicro 9.120.0.1004 2010.05.01 -
VBA32 3.12.12.4 2010.04.30 -
ViRobot 2010.5.1.2299 2010.05.01 -
VirusBuster 5.0.27.0 2010.04.30 -
Informazioni addizionali
File size: 279041 bytes
MD5 : db0c4eab08e9b4cf2af719f20cce9e38
SHA1 : e7f95d6137ec16cf8cad0cdc46a09937687dfbc0
SHA256: 0b0e199e28b1358231f154610cf8ec2ad0b8297826f73ff382 0a274368865166
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xB2B80
timedatestamp.....: 0x4BC81615 (Fri Apr 16 09:47:33 2010)
machinetype.......: 0x14C (Intel I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x70000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x71000 0x42000 0x41E00 7.93 9527e3cf441cec70aff61655baedfd4c
.rsrc 0xB3000 0x2000 0x1A00 4.96 7786cf8dae0136f71e1ece17b2eb8ae8
( 16 imports )
> advapi32.dll: GetAce
> comctl32.dll: ImageList_Remove
> comdlg32.dll: GetSaveFileNameW
> gdi32.dll: LineTo
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> mpr.dll: WNetGetConnectionW
> ole32.dll: CoInitialize
> oleaut32.dll: -
> psapi.dll: EnumProcesses
> shell32.dll: DragFinish
> user32.dll: GetDC
> userenv.dll: LoadUserProfileW
> version.dll: VerQueryValueW
> wininet.dll: FtpOpenFileW
> winmm.dll: timeGetTime
> wsock32.dll: -
( 0 exports )
TrID : File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
Symantec reputation: Suspicious.Insight
ssdeep: 6144:M1db49+rEg024fpLZazEjvE/rbay19tSt4bO2BaDmeBJe59C:MjkArEN249AyE/rbaMct4bO2/VC
sigcheck: publisher....: n/a
copyright....: n/a
product......: n/a
description..:
original name: n/a
internal name: n/a
file version.: 3, 3, 6, 1
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD : -
packers (Kaspersky): PE_Patch.UPX, UPX
packers (F-Prot): UPX
RDS : NSRL Reference Data Set
.. q.q
