datei: 1928_782.exe
Code:
Alles auswählen Aufklappen ATTFilter
Datei 1928_782.exe empfangen 2009.09.22 13:31:55 (UTC)
Ergebnis: 31/41 (75.61%)
Antivirus Version letzte aktualisierung Ergebnis
a-squared 4.5.0.24 2009.09.22 Trojan-Spy.Win32.VB!IK
AhnLab-V3 5.0.0.2 2009.09.22 -
AntiVir 7.9.1.23 2009.09.22 W32/Virut.Gen
Antiy-AVL 2.0.3.7 2009.09.22 -
Authentium 5.1.2.4 2009.09.21 W32/Virut.AI!Generic
Avast 4.8.1351.0 2009.09.21 -
AVG 8.5.0.412 2009.09.22 PSW.Generic7.AABB
BitDefender 7.2 2009.09.22 Win32.Virtob.Gen.12
CAT-QuickHeal 10.00 2009.09.22 W32.Virut.G
ClamAV 0.94.1 2009.09.22 -
Comodo 2402 2009.09.22 -
DrWeb 5.0.0.12182 2009.09.22 Win32.Virut.56
eSafe 7.0.17.0 2009.09.21 Suspicious File
eTrust-Vet 31.6.6753 2009.09.22 Win32/Virut.17408
F-Prot 4.5.1.85 2009.09.21 W32/Virut.AI!Generic
F-Secure 8.0.14470.0 2009.09.22 Virus.Win32.Virut.ce
Fortinet 3.120.0.0 2009.09.22 W32/Virut.NBP
GData 19 2009.09.22 Win32.Virtob.Gen.12
Ikarus T3.1.1.72.0 2009.09.22 Trojan-Spy.Win32.VB
Jiangmin 11.0.800 2009.09.22 -
K7AntiVirus 7.10.851 2009.09.22 -
Kaspersky 7.0.0.125 2009.09.22 Virus.Win32.Virut.ce
McAfee 5748 2009.09.21 W32/Virut.n.gen
McAfee+Artemis 5748 2009.09.21 W32/Virut.n.gen
McAfee-GW-Edition 6.8.5 2009.09.22 Heuristic.LooksLike.Win32.Suspicious.A!93
Microsoft 1.5005 2009.09.22 Virus:Win32/Virut.BM
NOD32 4447 2009.09.22 Win32/Virut.NBP
Norman 6.01.09 2009.09.22 W32/Virut.DI
nProtect 2009.1.8.0 2009.09.22 -
Panda 10.0.2.2 2009.09.22 W32/Sality.AO
PCTools 4.4.2.0 2009.09.22 -
Prevx 3.0 2009.09.22 -
Rising 21.48.14.00 2009.09.22 Win32.Virut.co
Sophos 4.45.0 2009.09.22 W32/Scribble-B
Sunbelt 3.2.1858.2 2009.09.22 Virus.Win32.Virut.ce (v)
Symantec 1.4.4.12 2009.09.22 W32.Virut.CF
TheHacker 6.5.0.2.014 2009.09.21 W32/Virut.gen3
TrendMicro 8.950.0.1094 2009.09.22 PE_VIRUX.J
VBA32 3.12.10.10 2009.09.21 Virus.Win32.Virut.X6
ViRobot 2009.9.22.1948 2009.09.22 Win32.Virut.AM
VirusBuster 4.6.5.0 2009.09.21 Win32.Virut.AB.Gen
weitere Informationen
File size: 46592 bytes
MD5...: 3452967f949efe2ca0784d64160aa086
SHA1..: c490182a9662e55ae2b0d0c5ee1364755ce350a5
SHA256: a2cf24b1e0a6dbdb47ce7f22e8924fa5aa5e12fc1761dcee7ee9cb71f4d70ea5
ssdeep: 768:7EenqtfuaebiwJGqs+ks54YndXwZG6lSBR1SvdJTEoBZq99LNGAde:genCKb
i47qgZwZDlSvxoo9LN7
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x170de
timedatestamp.....: 0x2dbcd69 (Sat Jul 10 02:03:21 1971)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0xf000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x10000 0x6000 0x5400 7.86 f2ca87747ffc3fe606fead6723e99939
.rsrc 0x16000 0x6000 0x5e00 7.42 7d7fead48ded989991bb73fae4e5683d
( 2 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess
> MSVBVM60.DLL: -
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: AutoDownload
description..: n/a
original name: test.exe
internal name: test
file version.: 1.00
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
22.09.2009, 14:36
Baum-Darstellung