Code:
File avz00001.dta received on 2009.12.11 10:06:26 (UTC)
Current status: finished
Result: 1/41 (2.44%)
Antivirus Version Last update Result
a-squared 4.5.0.43 2009.12.11 -
AhnLab-V3 5.0.0.2 2009.12.11 -
AntiVir 7.9.1.108 2009.12.11 -
Antiy-AVL 2.0.3.7 2009.12.10 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.10 -
AVG 8.5.0.426 2009.12.10 -
BitDefender 7.2 2009.12.11 -
CAT-QuickHeal 10.00 2009.12.11 -
ClamAV 0.94.1 2009.12.11 -
Comodo 3203 2009.12.11 -
DrWeb 5.0.0.12182 2009.12.11 -
eSafe 7.0.17.0 2009.12.10 -
eTrust-Vet 35.1.7170 2009.12.11 -
F-Prot 4.5.1.85 2009.12.10 -
F-Secure 9.0.15370.0 2009.12.11 -
Fortinet 4.0.14.0 2009.12.11 -
GData 19 2009.12.11 -
Ikarus T3.1.1.74.0 2009.12.11 -
Jiangmin 13.0.900 2009.12.11 -
K7AntiVirus 7.10.917 2009.12.10 -
Kaspersky 7.0.0.125 2009.12.11 -
McAfee 5828 2009.12.10 -
McAfee+Artemis 5828 2009.12.10 -
McAfee-GW-Edition 6.8.5 2009.12.11 Heuristic.BehavesLike.Win32.Dropper.I
Microsoft 1.5302 2009.12.10 -
NOD32 4677 2009.12.10 -
Norman 6.04.03 2009.12.10 -
nProtect 2009.1.8.0 2009.12.11 -
Panda 10.0.2.2 2009.12.11 -
PCTools 7.0.3.5 2009.12.11 -
Prevx 3.0 2009.12.11 -
Rising 22.25.04.04 2009.12.11 -
Sophos 4.48.0 2009.12.11 -
Sunbelt 3.2.1858.2 2009.12.11 -
Symantec 1.4.4.12 2009.12.11 -
TheHacker 6.5.0.2.090 2009.12.10 -
TrendMicro 9.100.0.1001 2009.12.11 -
VBA32 3.12.12.0 2009.12.10 -
ViRobot 2009.12.11.2083 2009.12.11 -
VirusBuster 5.0.21.0 2009.12.10 -
Additional information
File size: 360448 bytes
MD5...: dc313d2226119a8fcc3c54729d251d94
SHA1..: 493718ae7ca627c7bfa32a0b566c0134bed20f96
SHA256: ebfe23120ea985c7586267572c7130296bf2895da82377a398df8ab02676228a
ssdeep: 6144:kmkIHUoRs0V+B9G7KAfHB2/+vbWTBll7tAO/YfkNM9Vps:dhVV+q7Bh2/6q
Trl7t5a
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xbb4c
timedatestamp.....: 0x4b21463c (Thu Dec 10 19:04:28 2009)
machinetype.......: 0x14c (I386)
( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x405c2 0x40600 6.81 8a0c00b3b78cc3c0d06bc16da4d59515
.rdata 0x42000 0xd204 0xd400 6.54 095cdc6a1d8e41e8edb019dd71a27a1c
.data 0x50000 0xbb24 0x9e00 7.41 e5e7a279361a9a49962e8cfb7e44eb18
.shr 0x5c000 0x3 0x200 0.02 5b71e4c27591ccb21954d71d656b28fb
.rsrc 0x5d000 0x10 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
( 8 imports )
> KERNEL32.dll: DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, WinExec, CreateProcessW, SearchPathW, GetFileSize, CreateFileA, GetModuleFileNameA, TerminateProcess, Sleep, GetExitCodeProcess, GetLastError, CreateProcessA, DeleteFileW, SearchPathA, GetShortPathNameA, DeleteFileA, GetSystemDirectoryW, WideCharToMultiByte, ExitProcess, Process32NextW, Process32FirstW, CreateToolhelp32Snapshot, CreateMutexW, InitializeCriticalSection, LockResource, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetLocaleInfoA, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, GetSystemTimeAsFileTime, GetCurrentProcessId, QueryPerformanceCounter, GetCommandLineW, GetCommandLineA, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, SetFilePointer, GetSystemTime, SystemTimeToFileTime, LoadLibraryExW, ReadFile, GetModuleHandleW, SizeofResource, GetModuleHandleA, GetProcAddress, GetTickCount, CreateFileW, WriteFile, CloseHandle, AllocateUserPhysicalPages, SetEndOfFile, LoadLibraryA, GetShortPathNameW, CreateJobObjectW, GetModuleFileNameW, LoadResource, FindResourceA, FlushFileBuffers, GetConsoleMode, GetConsoleCP, RaiseException, MultiByteToWideChar, HeapSize, GetStartupInfoA, GetFileType, SetHandleCount, GetStdHandle, HeapCreate, HeapDestroy, HeapReAlloc, VirtualAlloc, VirtualFree, HeapAlloc, HeapFree, RtlUnwind, ExitThread, ResumeThread, CreateThread, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetVersionExA, GetProcessHeap, GetStartupInfoW, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetCurrentThreadId, InterlockedDecrement, GetCurrentProcess, IsDebuggerPresent, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage
> USER32.dll: UpdateWindow, MoveWindow, GetWindowDC, GetDesktopWindow, GetWindowRect, SetDlgItemTextA, DialogBoxParamW, CreateWindowExA, ReleaseDC, FindWindowW, SetWindowLongW, GetDC, GetWindowTextW, LoadCursorW, RegisterClassExW, GetMessageW, TranslateMessage, DispatchMessageW, UnregisterClassW, DefWindowProcW, KillTimer, PostQuitMessage, BeginPaint, EndPaint, SetTimer, ShowWindow, GetWindowLongW, CreateWindowExW, GetClientRect, RedrawWindow, DrawTextW
> GDI32.dll: SetBkMode, SetTextColor, CreateCompatibleBitmap, CreateCompatibleDC, BitBlt, GetDIBits, DeleteDC, CreatePen, SelectObject, CreateSolidBrush, Rectangle, DeleteObject, SetDIBitsToDevice, CreateFontW
> ADVAPI32.dll: RegSetValueExW, RegQueryValueExW, RegOpenKeyExW, RegCloseKey, RegCreateKeyExW
> SHELL32.dll: SHGetFolderPathA
> RPCRT4.dll: UuidCreate, RpcStringFreeW, UuidToStringW
> WININET.dll: InternetCloseHandle, InternetReadFile, HttpSendRequestW, HttpOpenRequestW, InternetConnectW, InternetOpenW, InternetCrackUrlW
> iphlpapi.dll: GetAdaptersInfo
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
Does anyone here need the sample? And what about vendors [at] spywarefix.org, is it still working?