Antivirus
|
Version
|
Last Update
|
Result
|
a-squared
|
4.5.0.50
|
2010.02.20
|
-
|
AhnLab-V3
|
5.0.0.2
|
2010.02.20
|
-
|
AntiVir
|
8.2.1.170
|
2010.02.19
|
PCK/ExeCryptor
|
Antiy-AVL
|
2.0.3.7
|
2010.02.19
|
-
|
Authentium
|
5.2.0.5
|
2010.02.20
|
-
|
Avast
|
4.8.1351.0
|
2010.02.19
|
-
|
AVG
|
9.0.0.730
|
2010.02.20
|
Win32/CryptExe
|
BitDefender
|
7.2
|
2010.02.20
|
-
|
CAT-QuickHeal
|
10.00
|
2010.02.19
|
-
|
ClamAV
|
0.96.0.0-git
|
2010.02.19
|
-
|
Comodo
|
4000
|
2010.02.20
|
Heur.Pck.EXECryptor
|
DrWeb
|
5.0.1.12222
|
2010.02.20
|
-
|
eSafe
|
7.0.17.0
|
2010.02.18
|
-
|
eTrust-Vet
|
35.2.7315
|
2010.02.20
|
-
|
F-Prot
|
4.5.1.85
|
2010.02.19
|
-
|
F-Secure
|
9.0.15370.0
|
2010.02.19
|
-
|
Fortinet
|
4.0.14.0
|
2010.02.18
|
-
|
GData
|
19
|
2010.02.20
|
-
|
Ikarus
|
T3.1.1.80.0
|
2010.02.20
|
-
|
Jiangmin
|
13.0.900
|
2010.02.20
|
-
|
K7AntiVirus
|
7.10.977
|
2010.02.18
|
-
|
Kaspersky
|
7.0.0.125
|
2010.02.17
|
-
|
McAfee
|
5897
|
2010.02.19
|
-
|
McAfee+Artemis
|
5897
|
2010.02.19
|
-
|
McAfee-GW-Edition
|
6.8.5
|
2010.02.19
|
Heuristic.LooksLike.Win32.SuspiciousPE.J
|
Microsoft
|
1.5406
|
2010.02.20
|
-
|
NOD32
|
4881
|
2010.02.19
|
-
|
Norman
|
6.04.08
|
2010.02.20
|
-
|
nProtect
|
2009.1.8.0
|
2010.02.20
|
-
|
Panda
|
10.0.2.2
|
2010.02.19
|
-
|
PCTools
|
7.0.3.5
|
2010.02.19
|
-
|
Prevx
|
3.0
|
2010.02.20
|
-
|
Rising
|
22.34.01.03
|
2010.02.11
|
-
|
Sophos
|
4.50.0
|
2010.02.20
|
-
|
Sunbelt
|
5689
|
2010.02.20
|
-
|
Symantec
|
20091.2.0.41
|
2010.02.20
|
Suspicious.Insight
|
TheHacker
|
6.5.1.5.202
|
2010.02.20
|
-
|
TrendMicro
|
9.120.0.1004
|
2010.02.20
|
PAK_Generic.009
|
VBA32
|
3.12.12.2
|
2010.02.19
|
-
|
ViRobot
|
2010.2.19.2194
|
2010.02.19
|
-
|
VirusBuster
|
5.0.27.0
|
2010.02.19
|
-
|
Additional information
|
File size: 1726976 bytes
|
MD5 : 500fe75d01437aeb454c3519650f4f32
|
SHA1 : 4c9c1546dcc2514aae8a97db4c2d0db933da66a1
|
SHA256: edc1eb15d249a46dca15f8bf30328d2a1d069a2a119417b0efb52559cfc66ff3
|
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x47892B
timedatestamp.....: 0x2A425E19 (Sat Jun 20 00:22:17 1992)
machinetype.......: 0x14C (Intel I386)
( 12 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x13F000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
DATA 0x140000 0x3000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
BSS 0x143000 0x2000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
aj7w670m 0x145000 0x3000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
lia3uc71 0x148000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.tls 0x149000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x14A000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
ecy5s.os 0x14B000 0x18000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x163000 0x18000 0x7A00 4.29 f48c797185061b13e3f56604f5877bff
benn6x6v 0x17B000 0x160000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
y91yv70a 0x2DB000 0x19E000 0x19D94F 7.99 a5d3a1c50cb5940118b3f1064e3f2aa0
.0liv3a7 0x479000 0x1000 0x200 7.56 96436a652c6fc36b5fda753bf1ffe101
( 0 imports )
( 0 exports )
|
TrID : File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
|
ssdeep: 49152:si/CjhdkmfoOtnqxwn6L/xq7UMS8bYuZUZd:sNjhdkmfoWnqW6z07bRZUX
|
sigcheck: publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
|
PEiD : -
|
packers (Kaspersky): Execryptor
|
packers (F-Prot): EXECryptor
|
RDS : NSRL Reference Data Set
-
|