Antivirus Version Last-update Result
AhnLab-V3 2008.7.29.1 2008.07.30 Win-Trojan/Downloader.106496.T
AntiVir 7.8.1.12 2008.07.30 TR/Dldr.Agent.122
Authentium 5.1.0.4 2008.07.30 -
Avast 4.8.1195.0 2008.07.29 Win32:Trojan-gen {Other}
AVG 8.0.0.130 2008.07.29 Generic10.BHUD
BitDefender 7.2 2008.07.30 BehavesLike:Trojan.Downloader
CAT-QuickHeal 9.50 2008.07.29 TrojanDownloader.Agent.xkd
ClamAV 0.93.1 2008.07.30 -
DrWeb 4.44.0.09170 2008.07.30 Trojan.Fakealert.1080
eSafe 7.0.17.0 2008.07.29 -
eTrust-Vet 31.6.5994 2008.07.30 -
Ewido 4.0 2008.07.29 -
F-Prot 4.4.4.56 2008.07.30 -
F-Secure 7.60.13501.0 2008.07.30 Trojan-Downloader.Win32.Agent.xkd
Fortinet 3.14.0.0 2008.07.30 PossibleThreat
GData 2.0.7306.1023 2008.07.30 Trojan-Downloader.Win32.Agent.xkd
Ikarus T3.1.1.34.0 2008.07.30 BehavesLike.Trojan-Downloader
Kaspersky 7.0.0.125 2008.07.30 Trojan-Downloader.Win32.Agent.xkd
McAfee 5349 2008.07.29 Generic FakeAlert.a
Microsoft 1.3704 2008.07.28 -
NOD32v2 3308 2008.07.29 Win32/TrojanDownloader.Agent.OBE
Norman 5.80.02 2008.07.30 W32/DLoader.IPKX
Panda 9.0.0.4 2008.07.29 Trj/Downloader.MDW
PCTools 4.4.2.0 2008.07.30 Trojan-Downloader.Agent!sd6
Prevx1 V2 2008.07.30 Spyware
Rising 20.55.21.00 2008.07.30 -
Sophos 4.31.0 2008.07.30 Troj/Dloadr-BOV
Sunbelt 3.1.1537.1 2008.07.29 FakeAlert.PCHealthCenter
Symantec 10 2008.07.30 Downloader.MisleadApp
TheHacker 6.2.96.389 2008.07.25 -
TrendMicro 8.700.0.1004 2008.07.30 TROJ_AGENT.LDR
ViRobot 2008.7.29.1315 2008.07.29 -
VirusBuster 4.5.11.0 2008.07.29 -
Webwasher-Gateway 6.6.2 2008.07.30 Trojan.Dldr.Agent.122
Additional information
File size: 106496 bytes
MD5...: f10bc783207e5f193be1dcad62ed4d89
SHA1..: e6e02bf76fa2ae2788e62136357b175850ca4a66
SHA256: 1f83a175424b66a6f2b69b02eee503ed2b0e94ec37ae896679b69e189d64a8e9
SHA512: cee2787ffc4ccec476b09cdd2032a8fb5c4a37d1bf46c860c06445ba6a1bd98e7b2c885425f331892db1999c08a6fe286af0aebd4dbda586beea82c8275844b8
PEiD..: Armadillo v1.71
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x40237e
timedatestamp.....: 0x4886fc84 (Wed Jul 23 09:40:20 2008)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xd9aa 0xe000 6.46 1dd38f087d0973d159c1ffb1244ab0f9
.rdata 0xf000 0x3ef0 0x4000 4.83 b201cf860a5804ac86f485d1a8475746
.data 0x13000 0x5a00 0x4000 1.21 f1b5ec8bc56659baddb0306656ca2bb0
.rsrc 0x19000 0x25e0 0x3000 3.33 dfeeecae71ff311cd5637bbdeb4d8d53
( 8 imports )
> KERNEL32.dll: RtlUnwind, GetStartupInfoA, GetCommandLineA, TerminateProcess, HeapFree, HeapAlloc, RaiseException, HeapReAlloc, HeapSize, GetACP, UnhandledExceptionFilter, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetEnvironmentVariableA, GetVersionExA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, LCMapStringA, LCMapStringW, SetUnhandledExceptionFilter, GetStringTypeA, GetStringTypeW, IsBadReadPtr, IsBadCodePtr, WriteFile, GetCurrentProcess, SetErrorMode, GetOEMCP, GetCPInfo, GetProcessVersion, WritePrivateProfileStringA, GlobalFlags, lstrcpynA, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalFree, LocalAlloc, SetLastError, LoadLibraryA, FreeLibrary, GetVersion, GlobalGetAtomNameA, GlobalAddAtomA, GlobalFindAtomA, GetProcAddress, GlobalUnlock, GlobalFree, MultiByteToWideChar, WideCharToMultiByte, lstrlenA, InterlockedDecrement, InterlockedIncrement, CloseHandle, GlobalLock, GlobalAlloc, GlobalDeleteAtom, lstrcmpA, lstrcmpiA, GetCurrentThread, GetCurrentThreadId, CreateThread, WinExec, Sleep, GetTempFileNameA, DeleteFileA, CopyFileA, OpenEventA, CreateEventA, GetLastError, ExitProcess, GetModuleHandleA, GetModuleFileNameA, MoveFileExA, lstrcpyA, lstrcatA, FindFirstFileA, FreeEnvironmentStringsA, FindClose
> USER32.dll: CopyRect, AdjustWindowRectEx, SetFocus, GetSysColor, MapWindowPoints, SetWindowTextA, ShowWindow, ClientToScreen, GetDC, ReleaseDC, BeginPaint, EndPaint, TabbedTextOutA, DrawTextA, GrayStringA, LoadCursorA, GetClassNameA, PtInRect, GetSysColorBrush, LoadStringA, DestroyMenu, GetTopWindow, GetCapture, WinHelpA, GetClassInfoA, RegisterClassA, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetWindowTextA, GetDlgCtrlID, DefWindowProcA, CreateWindowExA, GetClassLongA, SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, GetMessageTime, GetMessagePos, GetForegroundWindow, SetForegroundWindow, GetWindow, SetWindowLongA, SetWindowPos, RegisterWindowMessageA, SystemParametersInfoA, GetWindowPlacement, EndDialog, DestroyWindow, GetDlgItem, GetMenuCheckMarkDimensions, LoadBitmapA, GetMenuState, ModifyMenuA, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetMessageA, TranslateMessage, DispatchMessageA, GetActiveWindow, GetKeyState, CallNextHookEx, ValidateRect, IsWindowVisible, PeekMessageA, GetCursorPos, SetWindowsHookExA, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongA, MessageBoxA, SetCursor, PostQuitMessage, PostMessageA, EnableWindow, IsIconic, GetSystemMetrics, GetClientRect, DrawIcon, SendMessageA, LoadIconA, wsprintfA, GetWindowRect, UnregisterClassA
> GDI32.dll: OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, DeleteObject, SetViewportOrgEx, GetDeviceCaps, PtVisible, RectVisible, TextOutA, ExtTextOutA, Escape, DeleteDC, GetObjectA, SetMapMode, SetBkColor, SetTextColor, GetStockObject, SelectObject, RestoreDC, CreateBitmap, GetClipBox, SaveDC
> WINSPOOL.DRV: OpenPrinterA, DocumentPropertiesA, ClosePrinter
> ADVAPI32.dll: RegOpenKeyExA, RegQueryValueExA, RegSetValueExA, RegCreateKeyExA, RegDeleteValueA, RegCloseKey
> COMCTL32.dll: -
> OLEAUT32.dll: -
> urlmon.dll: URLDownloadToFileA
( 0 exports )
Prevx info:
http://info.prevx.com/aboutprogramtext. ... 00A89D87D0
ThreatExpert info:
http://www.threatexpert.com/report.aspx ... ad62ed4d89
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.