A friend has already scanned it.
AhnLab-V3 2008.5.30.1 2008.06.03 -
AntiVir 7.8.0.26 2008.06.03 -
Authentium 5.1.0.4 2008.06.04 -
Avast 4.8.1195.0 2008.06.04 -
AVG 7.5.0.516 2008.06.04 BackDoor.RBot.AS
BitDefender 7.2 2008.06.04 -
CAT-QuickHeal 9.50 2008.06.03 Backdoor.Rbot.fsb
ClamAV 0.92.1 2008.06.04 -
DrWeb 4.44.0.09170 2008.06.03 -
eSafe 7.0.15.0 2008.06.03 -
eTrust-Vet 31.4.5845 2008.06.03 -
Ewido 4.0 2008.06.03 -
F-Prot 4.4.4.56 2008.06.02 -
Fortinet 3.14.0.0 2008.06.04 -
GData 2.0.7306.1023 2008.06.03 -
Ikarus T3.1.1.26.0 2008.06.04 -
Kaspersky 7.0.0.125 2008.06.04 -
McAfee 5309 2008.06.03 -
Microsoft None 2008.06.04 -
NOD32v2 3156 2008.06.03 -
Norman 5.80.02 2008.06.03 -
Panda 9.0.0.4 2008.06.04 Suspicious file
Prevx1 V2 2008.06.04 Malicious Software
Rising 20.47.12.00 2008.06.03 -
Sophos 4.29.0 2008.06.04 Sus/ComPack-C
Sunbelt 3.0.1143.1 2008.06.03 -
Symantec 10 2008.06.03 -
TheHacker 6.2.92.333 2008.06.03 -
VBA32 3.12.6.7 2008.06.03 -
VirusBuster 4.3.26:9 2008.06.03 -
Webwasher-Gateway 6.6.2 2008.06.03 Virus.Win32.FileInfector.gen (suspicious)
Additional information
File size: 946176 bytes
MD5...: ba27107f68b56ba9ce991a954259d75a
SHA1..: 22ea9418a7a4aecd997210e69e2ee32297e5e517
SHA256: 688b6881983936d406a21688bf0230d20e96edc33c6b5d6ab60a226e4d8fa19c
SHA512: bde1a6ab315289c6311caf48d396ad7d8fff0d14a37e65b7726bfeab485205887c4080ce0099c0397e2b62c2fea0a25ccf954dc76e13c967d4349f9a0e53dd9d
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4b7000
timedatestamp.....: 0x4843ac92 (Mon Jun 02 08:17:22 2008)
machinetype.......: 0x14c (I386)
( 8 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x26b96 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rdata 0x28000 0xd592 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.data 0x36000 0x30a20 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.text1 0x67000 0x50000 0x43000 7.97 f729c94e5d6451c17b86085e1346dfd9
.adata 0xb7000 0x10000 0xd000 7.01 1038710a721073c352871d7b8aef5713
.data1 0xc7000 0x20000 0xb000 3.74 f38b9059d55a7031a666ba4082234abe
.pdata 0xe7000 0x90000 0x8a000 8.00 de4e81a92bc78591e067eaddc7af0074
.rsrc 0x177000 0x5b000 0x1000 0.50 1b19e9bed5126f945766ecb9072a1d55
( 3 imports )
> KERNEL32.dll: CreateThread, GlobalUnlock, GlobalLock, GlobalAlloc, GetTickCount, WideCharToMultiByte, IsBadReadPtr, GlobalAddAtomA, GlobalAddAtomW, GetModuleHandleA, GlobalFree, GlobalGetAtomNameA, GlobalDeleteAtom, GlobalGetAtomNameW, FreeConsole, GetEnvironmentVariableA, VirtualProtect, VirtualAlloc, GetProcAddress, GetLastError, LoadLibraryA, SetLastError, SetThreadPriority, GetCurrentThread, CreateProcessA, GetCommandLineA, GetStartupInfoA, SetEnvironmentVariableA, ReleaseMutex, WaitForSingleObject, CreateMutexA, OpenMutexA, GetCurrentThreadId, CreateFileA, FindClose, FindFirstFileA, FindFirstFileW, VirtualQueryEx, GetExitCodeProcess, ReadProcessMemory, UnmapViewOfFile, ContinueDebugEvent, SetThreadContext, GetThreadContext, WaitForDebugEvent, SuspendThread, DebugActiveProcess, ResumeThread, CreateProcessW, GetCommandLineW, GetStartupInfoW, CloseHandle, DuplicateHandle, GetCurrentProcess, CreateFileMappingA, VirtualProtectEx, WriteProcessMemory, ExitProcess, FlushFileBuffers, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetConsoleMode, GetConsoleCP, SetFilePointer, GetLocaleInfoA, GetStringTypeW, GetStringTypeA, LCMapStringW, MultiByteToWideChar, LCMapStringA, HeapSize, HeapReAlloc, QueryPerformanceCounter, VirtualFree, HeapCreate, HeapDestroy, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, RtlUnwind, DeleteCriticalSection, GetStdHandle, WriteFile, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, Sleep, EnterCriticalSection, LeaveCriticalSection, GetVersionExA, InitializeCriticalSection, GetCurrentProcessId, GetModuleFileNameW, GetShortPathNameW, GetModuleFileNameA, MapViewOfFile, GetShortPathNameA, GetSystemTimeAsFileTime, HeapFree, HeapAlloc, GetProcessHeap, RaiseException, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetCPInfo, InterlockedIncrement, InterlockedDecrement, GetACP, GetOEMCP, IsValidCodePage
> USER32.dll: GetDesktopWindow, MoveWindow, SetPropA, EnumThreadWindows, GetPropA, GetMessageA, GetSystemMetrics, SetTimer, GetAsyncKeyState, KillTimer, BeginPaint, EndPaint, SetWindowTextA, GetDlgItem, CreateDialogIndirectParamA, ShowWindow, UpdateWindow, LoadStringA, LoadStringW, FindWindowA, WaitForInputIdle, MessageBoxA, InSendMessage, UnpackDDElParam, FreeDDElParam, DefWindowProcA, LoadCursorA, RegisterClassW, CreateWindowExW, RegisterClassA, CreateWindowExA, GetWindowThreadProcessId, SendMessageW, SendMessageA, PeekMessageA, TranslateMessage, DispatchMessageA, EnumWindows, IsWindowUnicode, PackDDElParam, PostMessageW, PostMessageA, IsWindow, DestroyWindow
> GDI32.dll: CreateDCA, CreateDIBitmap, CreateCompatibleDC, SelectObject, SelectPalette, RealizePalette, BitBlt, DeleteDC, DeleteObject, CreatePalette
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogr ... EC2E040DB0064612FE0
packers (F-Prot): Armadillo
packers (Kaspersky): Armadillo
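Note: VirusTotal is a free service provided by Hispasec Sistemas. We do not guarantee the availability or continuity of this service. Although the detection rate obtained by using multiple antivirus engines is better than that of a single product, these results do not guarantee that a file is harmless. At present, no solution can offer a 100% detection rate for viruses and malware. If you have purchased a product that claims to have this capability, you may already have become a victim.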