A small trojan
Online sandbox log: ht tp://www.threatexpert.com/report.aspx?md5=3b15cd8b28d6273b9df7e3ebb38165c6
File TR87190-18721.doc.exe received on 2008.09.06 18:12:00 (CET)
Result: 29/36 (80.56%)
Antivirus engine Version Last update Scan result
AhnLab-V3 2008.9.6.0 2008.09.06 Win-Trojan/Zbot.83968
AntiVir 7.8.1.28 2008.09.05 TR/Spy.ZBot.DFR
Authentium 5.1.0.4 2008.09.06 W32/Malware!OC-based
Avast 4.8.1195.0 2008.09.06 Win32:Agent-ABKB
AVG 8.0.0.161 2008.09.05 Pakes.AGO
BitDefender 7.2 2008.09.06 Trojan.Spy.ZBot.KW
CAT-QuickHeal 9.50 2008.09.06 -
ClamAV 0.93.1 2008.09.06 Trojan.Zbot-2081
DrWeb 4.44.0.09170 2008.09.06 Trojan.PWS.Panda.2
eSafe 7.0.17.0 2008.09.03 -
eTrust-Vet 31.6.6072 2008.09.05 Win32/Kollah.OT
Ewido 4.0 2008.09.06 -
F-Prot 4.4.4.56 2008.09.06 W32/Malware!OC-based
F-Secure 8.0.14332.0 2008.09.06 Trojan.Win32.Agent.acbn
Fortinet 3.112.0.0 2008.09.06 PossibleThreat
GData 19 2008.09.06 Trojan.Win32.Agent.acbn
Ikarus T3.1.1.34.0 2008.09.06 Trojan-Spy.Win32.Zbot.B5
K7AntiVirus 7.10.443 2008.09.05 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2008.09.06 Trojan.Win32.Agent.acbn
McAfee 5378 2008.09.05 Spy-Agent.cf
Microsoft 1.3903 2008.09.06 PWS:Win32/Zbot.gen!B
NOD32v2 3423 2008.09.06 Win32/Spy.Agent.NIQ
Norman 5.80.02 2008.09.05 -
Panda 9.0.0.4 2008.09.06 Trj/Sinowal.VSY
PCTools 4.4.2.0 2008.09.06 -
Prevx1 V2 2008.09.06 Malicious Software
Rising 20.60.52.00 2008.09.06 -
Sophos 4.33.0 2008.09.06 Troj/NtRootK-DW
Sunbelt 3.1.1610.1 2008.09.05 Trojan.Win32.Agent.acbn
Symantec 10 2008.09.06 Infostealer
TheHacker 6.3.0.8.072 2008.09.04 -
TrendMicro 8.700.0.1004 2008.09.05 TROJ_AGENT.DAM
VBA32 3.12.8.5 2008.09.06 Trojan.Win32.Agent.acbn
ViRobot 2008.9.5.1365 2008.09.06 Spyware.Agent.83968.D
VirusBuster 4.5.11.0 2008.09.06 TrojanSpy.ZBot.AES
Webwasher-Gateway 6.6.2 2008.09.05 Trojan.Spy.ZBot.DFR
Additional information
File size: 83968 bytes
MD5...: 3b15cd8b28d6273b9df7e3ebb38165c6
SHA1..: 07dd9d271542e9e963b4e005a327fee75bba0dd9
SHA256: bb10c087b34e18c401340da59f73562c20596dfb1ea9bebe6f72a75e1ada04ec
SHA512: 5b8314dea98e19731bd0bab098385748942de0ab80a51191f443716b0fec259a
48562e2ce7644d376ad6041dbec901322bbacc10ace3e62f974da1f38a6dcd86
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x401278
timedatestamp.....: 0x47fadfe7 (Tue Apr 08 03:00:55 2008)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xb9c 0xc00 4.81 6db9a58008969a057a9b538d3f366d4d
.rdata 0x2000 0x569 0x600 4.76 3292037ba2bc4d6dc1d891a15009eb0d
.data 0x3000 0x11f44ad 0xcc00 7.55 1e18280424b6610f66d4e57015d986e7
.reloc 0x11f8000 0xe 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x11f9000 0x7000 0x6600 5.44 aa9ce03f62b538f9f45f2ef5675c8d71
( 3 imports )
> user32.dll: CopyImage, GetDlgItem, DrawIconEx, InsertMenuA, GetMenu, LoadCursorA, DialogBoxParamW, GetWindowTextLengthA, LoadMenuA, IsWindow, CopyIcon, CreateIcon, DrawIcon, GetDC, DrawTextW, GetCursor, GetFocus, DialogBoxParamA, CloseWindow, GetWindowTextA, IsMenu
> kernel32.dll: lstrcpynW, GetVersion, GetModuleFileNameA, LCMapStringA, lstrcatA, GetStringTypeA, CreateFileA, GetStdHandle, WriteFile, GetFileType, GetOEMCP, GetACP, GetStartupInfoA, MultiByteToWideChar, GetCurrentProcess, GetCPInfo, lstrcpynA, lstrcpyA, LCMapStringW, GetCommandLineA, SetFilePointer
> comctl32.dll: CreateUpDownControl, ImageList_DrawEx, DllGetVersion, CreateToolbar, ImageList_Add, CreateStatusWindow, DrawStatusText, ImageList_LoadImageW, DrawStatusTextW, ImageList_Destroy
( 0 exports )
Prevx info: ht tp://info.prevx.com/aboutprogramtext.asp?PX5=25EE37DD00B024FE4837010AF5FCAF00DD4E5378
VirSCAN.org Scanned Report :
Scanned time : 2008/09/07 00:13:26 (CST)
Scanner results: 72% of antivirus scanners (26/36) reported a virus
File Name : TR87190-18721.doc.exe
File Size : 83968 byte
File Type : PE32 executable for MS Windows (GUI) Intel 80386 32-bit
MD5 : 3b15cd8b28d6273b9df7e3ebb38165c6
SHA1 : 07dd9d271542e9e963b4e005a327fee75bba0dd9
Online report : ht tp://virscan.org/report/983b969b27a498577ffb8cb689bb0144.html
Scanner Engine Ver Sig Ver Sig Date Time Scan result
a-squared 4.0.0.11 2008.09.05 2008-09-05 1.85 -
AhnLab V3 2008.09.06.00 2008.09.06 2008-09-06 0.89 Win-Trojan/Zbot.83968
AntiVir 7.8.1.28 7.0.6.124 2008-09-05 2.24 TR/Spy.ZBot.DFR
Arcavir 1.0.5 200809051818 2008-09-05 1.20 Trojan.Downloader.Agent.Aenc
AVAST! 3.0.1 080905-0 2008-09-05 0.00 -
AVG 7.5.52.442 270.6.17/1655 2008-09-05 1.56 Pakes.AGO
BitDefender 7.60825.1727938 7.20828 2008-09-06 2.99 Trojan.Spy.ZBot.KW
CA (VET) 9.0.0.143 31.6.6072 2008-09-05 4.18 Win32/Kollah.OT trojan.
ClamAV 0.93.3 8174 2008-09-06 0.03 Trojan.Zbot-2081
Comodo 2.11 2.0.0.638 2008-09-05 0.43 -
CP Secure 1.1.0.715 2008.09.06 2008-09-06 6.63 Troj.W32.Agent.acbn
Dr.Web 4.44.0.9170 2008.09.06 2008-09-06 3.13 Trojan.PWS.Panda.2
ewido 4.0.0.2 2008.09.06 2008-09-06 3.96 -
F-Prot 4.4.4.56 20080906 2008-09-06 1.05 Possible W32/Malware!OC-based
F-Secure 5.51.6100 2008.09.06.01 2008-09-06 0.67 Trojan-Spy:W32/Zbot.SQ [Orion]
Fortinet 2.81-3.112 9.521 2008-09-06 0.19 PossibleThreat
ViRobot 20080905 2008.09.05 2008-09-05 0.42 -
Ikarus T3.1.01.34 2008.09.06.71405 2008-09-06 3.30 Trojan-Spy.Win32.Zbot.B5
Jiangmin 11.0.706 2008.09.06 2008-09-06 2.19 Trojan/Agent.bjrk
Kaspersky 5.5.10 2008.09.06 2008-09-06 0.03 Trojan.Win32.Agent.acbn
Kingsoft 2008.1.14.15 2008.9.6.15 2008-09-06 0.59 Win32.TrojDownloader.FraudLoadT.ab.110596
McAfee 5.3.00 5378 2008-09-05 1.71 Spy-Agent.cf
Microsoft 1.3903 2008.09.06 2008-09-06 7.32 PWS:Win32/Zbot.gen!B
mks_vir 2.01 2008.08.25 2008-08-25 2.65 -
Norman 5.93.01 5.93.00 2008-09-05 5.19 -
Panda 9.05.01 2008.09.06 2008-09-06 4.08 Trj/Sinowal.VSY
Trend Micro 8.700-1004 5.528.10 2008-09-06 0.02 TROJ_AGENT.ADAC
Quick Heal 9.50 2008.09.06 2008-09-06 2.73 -
Rising 20.0 20.60.52.00 2008-09-06 1.10 -
Sophos 2.78.0 4.33 2008-09-06 1.70 Troj/NtRootK-DW
Sunbelt 3.1.1610.1 2216 2008-09-04 0.45 Trojan.Win32.Agent.acbn
Symantec 1.3.0.24 20080905.006 2008-09-05 0.07 Infostealer
nProtect 2008-09-04.00 2053231 2008-09-04 6.92 Trojan/W32.Agent.83968.X
The Hacker 6.3.0.6 v00072 2008-09-03 0.42 -
VBA32 3.12.8.5 20080906.0827 2008-09-06 1.23 Trojan.Win32.Agent.acbn
VirusBuster 4.5.11.10 10.87.4/623574 2008-09-06 0.90 TrojanSpy.ZBot.AES