1. Datei
Code:
Alles auswählen Aufklappen ATTFilter
Antivirus Version letzte aktualisierung Ergebnis
AhnLab-V3 2008.11.1.0 2008.10.31 -
AntiVir 7.9.0.10 2008.10.31 -
Authentium 5.1.0.4 2008.10.31 -
Avast 4.8.1248.0 2008.10.31 -
AVG 8.0.0.161 2008.10.31 -
BitDefender 7.2 2008.10.31 -
CAT-QuickHeal 9.50 2008.10.31 -
ClamAV 0.94.1 2008.10.31 -
DrWeb 4.44.0.09170 2008.10.31 -
eSafe 7.0.17.0 2008.10.30 -
eTrust-Vet 31.6.6184 2008.10.31 -
Ewido 4.0 2008.10.31 -
F-Prot 4.4.4.56 2008.10.31 -
F-Secure 8.0.14332.0 2008.10.31 Suspicious:W32/UltimateRAT.21!Gemini
Fortinet 3.117.0.0 2008.10.31 -
GData 19 2008.10.31 -
Ikarus T3.1.1.44.0 2008.10.31 -
K7AntiVirus 7.10.513 2008.10.31 -
Kaspersky 7.0.0.125 2008.10.31 -
McAfee 5419 2008.10.31 -
Microsoft 1.4005 2008.10.31 TrojanDownloader:Win32/Dabew
NOD32 3575 2008.10.31 -
Norman 5.80.02 2008.10.31 -
Panda 9.0.0.4 2008.10.31 Suspicious file
PCTools 4.4.2.0 2008.10.31 -
Prevx1 V2 2008.10.31 Fraudulent Security Program
Rising 21.01.42.00 2008.10.31 -
SecureWeb-Gateway 6.7.6 2008.10.31 -
Sophos 4.35.0 2008.10.31 -
Sunbelt 3.1.1767.2 2008.10.31 -
Symantec 10 2008.10.31 -
TheHacker 6.3.1.1.135 2008.10.31 -
TrendMicro 8.700.0.1004 2008.10.31 -
VBA32 3.12.8.9 2008.10.30 -
ViRobot 2008.10.31.1446 2008.10.31 -
VirusBuster 4.5.11.0 2008.10.31 -
weitere Informationen
File size: 100352 bytes
MD5...: ecb01538701840902f25159d401b00f4
SHA1..: c4f8a9ed9115100524fc10e4a12a058d71ea0d7a
SHA256: 50c1392d42de8336b666b9243ed257112b35dbd8f09018b8808af2c2c32f79ad
SHA512: adff3cc84a6704b060358bfb95845853dfdac3d57eeadb1ae2811888c8d75d06
ed300211b53883c6fc79fe43f10c618e556104579d2c15a139c98c69d12ef64f
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x405ea4
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x6d8c 0x6e00 7.31 7c5d2599dfc5c5de35a167e1f078861e
DATA 0x8000 0xad0c 0xae00 6.25 97842ec0f6b64c6f6db13e775afabc08
BSS 0x13000 0xa45 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x14000 0x9d2 0xa00 4.64 730782252460a62355438c3f80d139cf
.tls 0x15000 0x8 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x16000 0x18 0x200 0.21 edbc3e5536a5fe87f44333e41c2f7759
.reloc 0x17000 0xa50 0xc00 6.26 4c695930e300345b9e28221a173c163e
.rsrc 0x18000 0x5000 0x5000 6.18 c75a1fde1799dd2354cfc20e75b9ae75
( 10 imports )
> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, GetThreadLocale, GetStartupInfoA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
> user32.dll: GetKeyboardType, MessageBoxA, CharNextA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: SysFreeString
> kernel32.dll: TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA
> advapi32.dll: RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, RegDeleteValueA, RegCloseKey
> kernel32.dll: lstrlenA, lstrcpyA, lstrcmpiA, lstrcatA, WriteFile, WinExec, VirtualProtect, Sleep, LoadLibraryA, HeapFree, HeapAlloc, GetTickCount, GetProcessHeap, GetProcAddress, GetModuleHandleA, GetLastError, GetEnvironmentVariableA, FreeLibrary, FindNextFileA, FindFirstFileA, FindClose, FileTimeToLocalFileTime, FileTimeToDosDateTime, CreateFileA, CloseHandle
> gdi32.dll: TextOutA, StretchBlt, SetTextColor, SetBkMode, SetBkColor, SelectObject, MoveToEx, LineTo, DeleteObject, DeleteDC, CreateSolidBrush, CreatePen, CreateFontIndirectA, CreateCompatibleDC, BitBlt
> user32.dll: CreateWindowExA, UnregisterClassA, TranslateMessage, SystemParametersInfoA, ShowWindow, SetWindowPos, SetCursor, SendMessageA, ScreenToClient, RegisterClassA, PostQuitMessage, PeekMessageA, LoadImageA, LoadIconA, LoadCursorA, KillTimer, GetWindowLongA, GetSysColor, GetCursorPos, EndPaint, DrawIcon, DispatchMessageA, DestroyWindow, DefWindowProcA, BringWindowToTop, BeginPaint
> shell32.dll: ShellExecuteA
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=59937ED800677093882901B06FA5D4004F0E1806
packers (F-Prot): embedded
31.10.2008, 23:04
Baum-Darstellung