VirusTotal - Free Online Virus, Malware and URL...

http://www.virustotal.com/le-scan/report.html?i...

Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.

0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.

File name: MailHotmailPK7364552.com.vir
Submission date: 2010-08-03 06:09:35 (UTC)
Current status: finished
Result: 30/42 (71.4%)

VT Community: not reviewed
Safety score: -

Antivirus             Version        Last Update  Result
AhnLab-V3             2010.08.03.00  2010.08.03   Downloader/Win32.Delf
AntiVir               8.2.4.32       2010.08.02   TR/Crypt.FKM.Gen
Antiy-AVL             2.0.3.7        2010.08.02   -
Authentium            5.2.0.5        2010.08.03   W32/SysVenFak.B.gen!Eldorado
Avast                 4.8.1351.0     2010.08.02   Win32:Rootkit-gen
Avast5                5.0.332.0      2010.08.02   Win32:Rootkit-gen
AVG                   9.0.0.851      2010.08.03   Downloader.Banload.AZHZ
BitDefender           7.2            2010.08.03   Gen:Trojan.Heur.ei0frecT0vnG
CAT-QuickHeal         11.00          2010.08.02   (Suspicious) - DNAScan
ClamAV                0.96.0.3-git   2010.08.03   -
Comodo                5626           2010.08.03   TrojWare.Win32.Spy.Banker.Gen
DrWeb                 5.0.2.03300    2010.08.03   Trojan.DownLoader1.16411
Emsisoft              5.0.0.34       2010.07.30   Trojan-Downloader.Win32.Voila!IK
eSafe                 7.0.17.0       2010.08.02   Win32.TRCrypt.Fkm
eTrust-Vet            36.1.7757      2010.08.02   -
F-Prot                4.6.1.107      2010.08.03   W32/SysVenFak.B.gen!Eldorado
F-Secure              9.0.15370.0    2010.08.03   Gen:Trojan.Heur.ei0frecT0vnG
Fortinet              4.1.143.0      2010.08.02   -
GData                 21             2010.08.03   Gen:Trojan.Heur.ei0frecT0vnG
Ikarus                T3.1.1.84.0    2010.08.03   Trojan-Downloader.Win32.Voila
Jiangmin              13.0.900       2010.08.01   TrojanDownloader.Delf.xxx
Kaspersky             7.0.0.125      2010.08.03   Trojan-Downloader.Win32.Delf.aczj
McAfee                5.400.0.1158   2010.08.03   Suspect-AB!B7C5FC631EE2
McAfee-GW-Edition     2010.1         2010.08.02   Heuristic.LooksLike.Win32.Suspicious.C!85
Microsoft             1.6004         2010.08.02   TrojanDownloader:Win32/Banload.KJ
NOD32                 5335           2010.08.02   probably a variant of Win32/TrojanDownloader.Banload.OZL
Norman                6.05.11        2010.08.02   W32/Suspicious.C4!genr
nProtect              2010-08-02.02  2010.08.02   -
Panda                 10.0.2.7       2010.08.02   Trj/CI.A
PCTools               7.0.3.5        2010.08.03   -
Prevx                 3.0            2010.08.03   Medium Risk Malware
Rising                22.59.01.01    2010.08.03   Trojan.Win32.Generic.5222A5AF
Sophos                4.56.0         2010.08.03   Mal/Banker-U
Sunbelt               6677           2010.08.03   Trojan.Win32.Generic!BT
SUPERAntiSpyware      4.40.0.1006    2010.08.03   -
Symantec              20101.1.1.7    2010.08.03   -
TheHacker             6.5.2.1.328    2010.07.30   -
TrendMicro            9.120.0.1004   2010.08.03   TROJ_BANLOAD.CYP
TrendMicro-HouseCall  9.120.0.1004   2010.08.03   TROJ_BANLOAD.CYP
VBA32                 3.12.12.7      2010.08.02   -
ViRobot               2010.8.3.3968  2010.08.03   -
VirusBuster           5.0.27.0       2010.08.02   -

08/21/2010 02:33 PM

Additional information
MD5   : b7c5fc631ee25073f9b61d5228498703
SHA1  : e2448070e67481deac26ccdcb7db877ac744cfdd
SHA256: 4555599edf0f4f8e5b0f8b1770ab9a7d74683259b6a3ccbdd6a8cc9441486584
ssdeep: 1536:neuat/d74L++xqszW6tl6Xk4dumIg0IUc/BUzz:eF7o++xnu83TJz
File size : 73216 bytes
First seen: 2010-07-31 00:09:06
Last seen : 2010-08-03 06:09:35
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID:
Win32 EXE PECompact compressed (v2.x) (48.0%)
Win32 EXE PECompact compressed (generic) (33.8%)
Win32 Executable Generic (6.9%)
Win32 Dynamic Link Library (generic) (6.1%)
Win16/32 Executable Delphi generic (1.6%)
sigcheck:
publisher....: Microsoft Corporation
copyright....: copyright (c) Microsoft Corporation
product......:
description..:
original name:
internal name:
file version.: 4.1.2000.2
comments.....:
signers......:
signing date.:
verified.....: Unsigned

PEiD: -

packers (Authentium): PecBundle, PECompact


packers (F-Prot): PecBundle, PECompact
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x1000
timedatestamp....: 0x4C532A82 (Fri Jul 30 19:39:46 2010)
machinetype......: 0x14C (Intel I386)
[[ 2 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x33000, 0xF800, 7.99, 4c46b9124eddb64f1a1e2b28c09bb5bd
.rsrc, 0x34000, 0x3000, 0x2200, 6.06, 99a94994f15c1631f57efb71343b214b
[[ 6 import(s) ]]
advapi32.dll: RegQueryValueExA
kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
oleaut32.dll: SysFreeString
shell32.dll: ShellExecuteA
user32.dll: GetKeyboardType
wininet.dll: InternetSetOptionA
Prevx Info:
http://info.prevx.com/aboutprogramtext.asp?PX5=5F95C96C00C5817D1E8001972B86AE00D5D88CB3
Symantec reputation: Suspicious.Insight
VT Community

This file has never been reviewed by any VT Community member.

ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
