drop agent gna 2

infiziert :( · 19.05.2009, 17:53

Dann Osaio

Dateigröße: 8Kb
Permalink: analisis/a33eb1d3e10a4f6ea5e353b73231d9c6
Hash Code: 9d1177c2a8de936b33d85ff75e8cbf1a
Analyse auf Virustotal:

Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.0.0.101 2009.05.19 -
AhnLab-V3 5.0.0.2 2009.05.19 -
AntiVir 7.9.0.168 2009.05.19 -
Antiy-AVL 2.0.3.1 2009.05.19 -
Authentium 5.1.2.4 2009.05.19 -
Avast 4.8.1335.0 2009.05.18 -
AVG 8.5.0.336 2009.05.19 -
BitDefender 7.2 2009.05.19 -
CAT-QuickHeal 10.00 2009.05.19 -
ClamAV 0.94.1 2009.05.19 -
Comodo 1157 2009.05.08 -
DrWeb 5.0.0.12182 2009.05.19 -
eSafe 7.0.17.0 2009.05.19 -
eTrust-Vet 31.6.6511 2009.05.19 -
F-Prot 4.4.4.56 2009.05.18 -
F-Secure 8.0.14470.0 2009.05.19 -
Fortinet 3.117.0.0 2009.05.19 -
GData 19 2009.05.19 -
Ikarus T3.1.1.49.0 2009.05.19 -
K7AntiVirus 7.10.739 2009.05.19 -
Kaspersky 7.0.0.125 2009.05.19 -
McAfee 5619 2009.05.18 -
McAfee+Artemis 5619 2009.05.18 -
McAfee-GW-Edition 6.7.6 2009.05.19 -
Microsoft 1.4602 2009.05.19 -
NOD32 4087 2009.05.19 -
Norman 6.01.05 2009.05.18 -
nProtect 2009.1.8.0 2009.05.19 -
Panda 10.0.0.14 2009.05.18 -
PCTools 4.4.2.0 2009.05.18 -
Prevx 3.0 2009.05.19 -
Rising 21.30.14.00 2009.05.19 -
Sophos 4.41.0 2009.05.19 -
Sunbelt 3.2.1858.2 2009.05.18 -
Symantec 1.4.4.12 2009.05.19 -
TheHacker 6.3.4.1.327 2009.05.19 -
TrendMicro 8.950.0.1092 2009.05.19 -
VBA32 3.12.10.5 2009.05.19 -
ViRobot 2009.5.19.1740 2009.05.19 -
VirusBuster 4.6.5.0 2009.05.19 -
weitere Informationen
File size: 7296 bytes
MD5...: 9d1177c2a8de936b33d85ff75e8cbf1a
SHA1..: 78b5669f240d58d74f75e44f03c71ea4641dd102
SHA256: 82525e25441c4f3a3de6a8d2dfd6121592c25a99a9e506f05f158cdc3c17ab51
SHA512: ae5d8960fc47dd2c3a29d81ee8021e5ace27ea87017caf96affc9c6b541425e7
c1ce4f2c632f162520572d8d383418a37c7407db5d25845df52c64c3099b16e5
ssdeep: 96:I44YafOGpje9XUnHCQVlLfIvffhd1BSuacMBaVofLQqQUXU:8YdGpPnHfVVfI
vf5pSuYOMU
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.4%)
Clipper DOS Executable (13.8%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.7%)
VXD Driver (0.2%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x11a4
timedatestamp.....: 0x42c39636 (Thu Jun 30 06:50:30 2005)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x480 0xe18 0xe80 6.28 135a69427eebb8c495baf0a99f32d550
.rdata 0x1300 0x144 0x180 3.19 f1b4852992923c814442a78afb95d6f5
.data 0x1480 0x4 0x80 0.26 8a65a8f2c1c961d9edecdac3bad497bb
INIT 0x1500 0x220 0x280 4.51 d4e690a132508388d8cd611730313d2e
.rsrc 0x1780 0x3e8 0x400 3.39 7f2190aca05c54aec10c5b7d00876a4b
.reloc 0x1b80 0x9e 0x100 3.08 1ac1ab98e222210237b2aaa2bfaa857c

( 2 imports )
> ntoskrnl.exe: IoDeleteDevice, IoDeleteSymbolicLink, RtlInitUnicodeString, IofCompleteRequest, IoCreateSymbolicLink, IoCreateDevice, ExAllocatePoolWithTag, ExFreePool, _except_handler3, strncmp, MmUnmapIoSpace, KeInitializeSpinLock, MmMapIoSpace
> HAL.dll: KfReleaseSpinLock, KeStallExecutionProcessor, WRITE_PORT_UCHAR, READ_PORT_UCHAR, HalGetBusData, KfAcquireSpinLock

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
CWSandbox info: <a href='http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=9d1177c2a8de936b33d85ff75e8cbf1a' target='_blank'>http://research.sunbelt-software.com/partnerresource/MD5.aspx?md5=9d1177c2a8de936b33d85ff75e8cbf1a</a>

drop agent gna 2

Log-Analyse und Auswertung: drop agent gna 2

drop agent gna 2

Ähnliche Themen: drop agent gna 2