Antivirus Version Last Update Result
AhnLab-V3 2010.07.24.01 2010.07.23 -
AntiVir 8.2.4.26 2010.07.23 -
Antiy-AVL 2.0.3.7 2010.07.23 -
Authentium 5.2.0.5 2010.07.24 -
Avast 4.8.1351.0 2010.07.25 -
Avast5 5.0.332.0 2010.07.25 -
AVG 9.0.0.851 2010.07.25 -
BitDefender 7.2 2010.07.25 -
CAT-QuickHeal 11.00 2010.07.24 -
ClamAV 0.96.0.3-git 2010.07.25 -
Comodo 5535 2010.07.25 -
DrWeb 5.0.2.03300 2010.07.25 -
Emsisoft 5.0.0.34 2010.07.25 -
eSafe 7.0.17.0 2010.07.25 -
eTrust-Vet 36.1.7734 2010.07.24 -
F-Prot 4.6.1.107 2010.07.24 -
F-Secure 9.0.15370.0 2010.07.25 Suspicious:W32/Malware!Gemini
Fortinet 4.1.143.0 2010.07.24 -
GData 21 2010.07.24 -
Ikarus T3.1.1.84.0 2010.07.25 -
Jiangmin 13.0.900 2010.07.25 TrojanClicker.Agent.csf
Kaspersky 7.0.0.125 2010.07.25 -
McAfee 5.400.0.1158 2010.07.25 -
McAfee-GW-Edition 2010.1 2010.07.25 -
Microsoft 1.6004 2010.07.25 -
NOD32 5310 2010.07.25 -
Norman 6.05.11 2010.07.25 -
nProtect 2010-07-25.02 2010.07.25 -
Panda 10.0.2.7 2010.07.25 -
PCTools 7.0.3.5 2010.07.25 -
Prevx 3.0 2010.07.25 -
Rising 22.57.03.08 2010.07.23 -
Sophos 4.55.0 2010.07.25 -
Sunbelt 6636 2010.07.25 -
Symantec 20101.1.1.7 2010.07.25 -
TheHacker 6.5.2.1.324 2010.07.25 -
TrendMicro 9.120.0.1004 2010.07.25 -
TrendMicro-HouseCall 9.120.0.1004 2010.07.25 -
VBA32 3.12.12.6 2010.07.23 -
ViRobot 2010.7.23.3956 2010.07.24 -
VirusBuster 5.0.27.0 2010.07.25 -
Additional information
File size: 6134260 bytes
MD5...: f02fcdc28c7f0e04b82ceb047b919413
SHA1..: 6634548544c53336fe219e27d55bdaf4f7d877a3
SHA256: a68eeed309539be1583c4a967d4077ec0934b2df3bdef4faec ca0e8898cbed2d
ssdeep: 98304:ACFM44G39pDr1V5tRB0iSAWmvXsYZMV8bQQnmIJwDAGH sWpspHcxGuEW4X
CUT:P6o9pDr1Vn0iSATfjWVsWMvuEiUT
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x29940
timedatestamp.....: 0x3a2e957d (Wed Dec 06 19:37:33 2000)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x1a000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x1b000 0xf000 0xec00 7.91 6651d2390d2f4d60a07cea9b1bf3450e
.rsrc 0x2a000 0x1000 0x1000 3.39 79f1a804b29384e18fb2b8c70a0e867d
( 8 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, ExitProcess
> ADVAPI32.dll: RegCloseKey
> GDI32.dll: BitBlt
> ole32.dll: CoInitialize
> OLEAUT32.dll: -
> SHELL32.dll: ShellExecuteA
> USER32.dll: GetDC
> VERSION.dll: VerQueryValueA
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
packers (Kaspersky): UPX
packers (F-Prot): UPX
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
Symantec Reputation Network: Suspicious.Insight