-
File SecureZIP.12.2.exe received on 2009.07.16 15:43:22 (UTC)
Result: 13/41 (31.71%)
[QUOTE][B]a-squared 4.5.0.24 2009.07.16 Trojan.Win32.Alureon!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.16 -
[B]AntiVir 7.9.0.215 2009.07.16 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.16 -
Authentium 5.1.2.4 2009.07.16 -
[B]Avast 4.8.1335.0 2009.07.16 NSIS:Fasec-AR[/B]
AVG 8.5.0.387 2009.07.16 -
BitDefender 7.2 2009.07.16 -
CAT-QuickHeal 10.00 2009.07.16 -
ClamAV 0.94.1 2009.07.16 -
Comodo 1671 2009.07.16 -
DrWeb 5.0.0.12182 2009.07.16 -
[B]eSafe 7.0.17.0 2009.07.16 Suspicious File[/B]
eTrust-Vet 31.6.6617 2009.07.15 -
F-Prot 4.4.4.56 2009.07.16 -
[B]F-Secure 8.0.14470.0 2009.07.16 Packed.Win32.Tdss.w[/B]
Fortinet 3.120.0.0 2009.07.16 -
[B]GData 19 2009.07.16 NSIS:Fasec-AR[/B]
[B]Ikarus T3.1.1.64.0 2009.07.16 Trojan.Win32.Alureon[/B]
[B]Jiangmin 11.0.800 2009.07.16 Trojan/TDSS.daa[/B]
K7AntiVirus 7.10.793 2009.07.15 -
Kaspersky 7.0.0.125 2009.07.16 -
McAfee 5677 2009.07.15 -
McAfee+Artemis 5677 2009.07.15 -
[B]McAfee-GW-Edition 6.8.5 2009.07.16 Trojan.Dropper.Gen[/B]
[B]Microsoft 1.4803 2009.07.16 Trojan:Win32/Alureon.gen!J[/B]
[B]NOD32 4250 2009.07.16 a variant of Win32/Kryptik.YR[/B]
Norman 6.01.09 2009.07.16 -
nProtect 2009.1.8.0 2009.07.16 -
Panda 10.0.0.14 2009.07.15 -
PCTools 4.4.2.0 2009.07.16 -
[B]Prevx 3.0 2009.07.16 Medium Risk Malware[/B]
Rising 21.38.34.00 2009.07.16 -
[B]Sophos 4.43.0 2009.07.16 Mal/WaledPak-D[/B]
Sunbelt 3.2.1858.2 2009.07.16 -
Symantec 1.4.4.12 2009.07.16 -
TheHacker 6.3.4.3.368 2009.07.15 -
TrendMicro 8.950.0.1094 2009.07.16 -
VBA32 3.12.10.8 2009.07.15 -
ViRobot 2009.7.16.1839 2009.07.16 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
[url]http://www.virustotal.com/analisis/f87d7303c514b97308a07d29cb32874bc73ba46622586b70009d57afa115f1bd-1247759002[/url]
-
File sdra64.exe received on 2009.07.16 17:41:52 (UTC)[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.16 -
AhnLab-V3 5.0.0.2 2009.07.16 -
[B]AntiVir 7.9.0.220 2009.07.16 TR/Crypt.ZPACK.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.16 -
Authentium 5.1.2.4 2009.07.16 -
[B]Avast 4.8.1335.0 2009.07.16 Win32:MalOb-A
AVG 8.5.0.387 2009.07.16 Win32/Cryptor[/B]
[B]BitDefender 7.2 2009.07.16 Gen:Trojan.Heur.Hype.90A35C5C5C[/B]
CAT-QuickHeal 10.00 2009.07.16 -
ClamAV 0.94.1 2009.07.16 -
Comodo 1672 2009.07.16 -
DrWeb 5.0.0.12182 2009.07.16 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6617 2009.07.15 -
F-Prot 4.4.4.56 2009.07.16 -
[B]F-Secure 8.0.14470.0 2009.07.16 Trojan-Spy.Win32.Zbot.gen[/B]
Fortinet 3.120.0.0 2009.07.16 -
[B]GData 19 2009.07.16 Gen:Trojan.Heur.Hype.90A35C5C5C[/B]
Ikarus T3.1.1.64.0 2009.07.16 -
Jiangmin 11.0.800 2009.07.16 -
[B]K7AntiVirus 7.10.794 2009.07.16 Trojan-Spy.Win32.Zbot.gen
Kaspersky 7.0.0.125 2009.07.16 Trojan-Spy.Win32.Zbot.gen[/B]
McAfee 5678 2009.07.16 -
McAfee+Artemis 5678 2009.07.16 -
[B]McAfee-GW-Edition 6.8.5 2009.07.16 Trojan.Crypt.ZPACK.Gen
Microsoft 1.4803 2009.07.16 PWS:Win32/Zbot.gen!R
NOD32 4250 2009.07.16 a variant of Win32/Kryptik.TL
Norman 6.01.09 2009.07.16 W32/Zbot.ESV[/B]
nProtect 2009.1.8.0 2009.07.16 -
Panda 10.0.0.14 2009.07.16 -
PCTools 4.4.2.0 2009.07.16 -
Prevx 3.0 2009.07.16 -
Rising 21.38.34.00 2009.07.16 -
[B]Sophos 4.43.0 2009.07.16 Mal/Zbot-O
Sunbelt 3.2.1858.2 2009.07.16 Trojan-Spy.Win32.Zbot.gen (v)
Symantec 1.4.4.12 2009.07.16 Packed.Generic.232[/B]
TheHacker 6.3.4.3.368 2009.07.15 -
TrendMicro 8.950.0.1094 2009.07.16 -
VBA32 3.12.10.8 2009.07.15 -
ViRobot 2009.7.16.1839 2009.07.16 -
VirusBuster 4.6.5.0 2009.07.16 -
[/CODE]
[CODE]Additional information
File size: 156160 bytes
MD5...: f7cd54f260e52fb08dc7f38db11bb34a
SHA1..: 99c40ae7bdaa1d287178a6bb713281d543369a54
SHA256: 748ac452367616eb940189dee2caba47d7030f3ebf4151972a55da6b309d462e
ssdeep: 3072:VMrS7qraRKxp/0mrAu6hwImYKmAJOIN39+wYC6LdiBxrBQv4naihOvE25:S
MKxWmrAthwIU7OINt+QNxr+7vEi
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x8787
timedatestamp.....: 0x48defc33 (Sun Sep 28 03:38:27 2008)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xea70 0xec00 7.27 b197c185c06657282ce7f4e6a071c866
.rdata 0x10000 0x13a8 0x1400 5.63 55a5cbaae3794760187605f491e46a6d
.data 0x12000 0x40af 0x200 2.23 aad0214b1ece39af48ce1dfb9d061b14

( 4 imports )
> ADVAPI32.dll: StartServiceCtrlDispatcherW, RegEnumKeyExA, GetAuditedPermissionsFromAclA, RegGetKeySecurity, FreeSid, InitiateSystemShutdownA, CryptContextAddRef, SetNamedSecurityInfoExW, GetCurrentHwProfileW, LookupAccountSidA, LookupAccountNameW, RegLoadKeyW, RegisterEventSourceW, BuildTrusteeWithSidW, DuplicateTokenEx, RegSaveKeyW, QueryServiceConfigA, CryptCreateHash, LookupAccountNameA, GetMultipleTrusteeA, SetFileSecurityW, CloseServiceHandle, MakeAbsoluteSD, CryptAcquireContextA, AccessCheck, RegSetKeySecurity, AccessCheckAndAuditAlarmW, RegOpenKeyExW, GetSecurityDescriptorLength, LookupSecurityDescriptorPartsW, ConvertSecurityDescriptorToAccessA, RegConnectRegistryA, SetAclInformation, OpenEventLogW, GetFileSecurityA, RegCloseKey, RegQueryValueExA, RegQueryMultipleValuesW, RegDeleteKeyA, SetNamedSecurityInfoExA
> KERNEL32.dll: GetProcessHeap, GetDefaultCommConfigA, GetProcessShutdownParameters, Module32Next, Thread32Next, lstrcmp, GetTempPathW, LCMapStringW, ConvertDefaultLocale, GetThreadContext, ReadConsoleInputA, TransmitCommChar, GetCPInfoExW, LocalAlloc, SetTapeParameters, SetThreadPriorityBoost, SetThreadContext, GetFileAttributesA, WaitNamedPipeA, FillConsoleOutputCharacterW, SetComputerNameW, CreateIoCompletionPort, CompareFileTime, PeekNamedPipe, FindResourceExW, CreateWaitableTimerA, CreateFileA, MoveFileW, LocalFree, GetPrivateProfileStructA, FatalAppExitW, OpenWaitableTimerA, EraseTape, WaitForSingleObjectEx, WaitForSingleObject, WriteFile, EnumDateFormatsExW, FoldStringA, VirtualProtect, VirtualAlloc
> SHLWAPI.dll: PathIsUNCW, SHRegDuplicateHKey, SHDeleteEmptyKeyW, SHIsLowMemoryMachine, SHAutoComplete, StrStrA, UrlUnescapeW, PathCanonicalizeA, UrlGetLocationA, PathAddExtensionA, PathIsSameRootA, PathMatchSpecW, StrChrA, SHRegEnumUSKeyA, PathAddExtensionW, PathFindSuffixArrayW, SHGetThreadRef, PathFileExistsA, PathGetCharTypeA, PathGetCharTypeW, StrSpnA, PathFindExtensionA, PathUndecorateA, SHRegSetUSValueA, PathParseIconLocationW, UrlCombineA, wnsprintfA, PathIsUNCServerA, IntlStrEqWorkerA, SHRegQueryInfoUSKeyW, PathMakeSystemFolderW, PathRenameExtensionA, UrlUnescapeA, SHRegGetBoolUSValueA, SHCopyKeyW, PathCombineA, PathGetDriveNumberW, PathIsDirectoryW, SHRegEnumUSKeyW, SHRegEnumUSValueA, PathCommonPrefixA, SHRegDeleteUSValueA, StrRChrIW, PathGetArgsA, StrPBrkA, PathFindExtensionW, UrlEscapeW, PathIsUNCServerShareA, PathBuildRootA, PathIsDirectoryEmptyA, PathMakeSystemFolderA, PathIsContentTypeW, PathIsRelativeA
> ole32.dll: UtGetDvtd16Info, OleRegGetUserType, CoUnmarshalHresult, OleNoteObjectVisible, OleGetAutoConvert, OleQueryCreateFromData, OleMetafilePictFromIconAndLabel, OleConvertIStorageToOLESTREAM, CoInitialize, OleGetClipboard, StringFromIID, CoQueryReleaseObject, StgGetIFillLockBytesOnFile, CoQueryClientBlanket, OleIsCurrentClipboard, CoTaskMemFree, OleConvertOLESTREAMToIStorageEx, CoDosDateTimeToFileTime, CoFreeAllLibraries, OleCreateFromData, OleIsRunning, OleQueryLinkFromData, CreateDataCache, SetConvertStg, CoGetCurrentLogicalThreadId, CoMarshalHresult, OleSetClipboard, OleLoad, ProgIDFromCLSID, OleCreateLinkFromData, CoGetCurrentProcess, CoGetObject

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[/CODE]
-
File uwpifur.html received on 2009.07.17 13:29:43 (UTC)
Result: 3/41 (7.32%)
[QUOTE]a-squared 4.5.0.24 2009.07.17 -
AhnLab-V3 5.0.0.2 2009.07.17 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.17 -
[B]Avast 4.8.1335.0 2009.07.16 HTML:IFrame-IE[/B]
AVG 8.5.0.387 2009.07.17 -
BitDefender 7.2 2009.07.17 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.17 -
Comodo 1679 2009.07.17 -
DrWeb 5.0.0.12182 2009.07.17 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6622 2009.07.17 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.17 -
Fortinet 3.120.0.0 2009.07.17 -
[B]GData 19 2009.07.17 HTML:IFrame-IE[/B]
Ikarus T3.1.1.64.0 2009.07.17 -
Jiangmin 11.0.800 2009.07.17 -
K7AntiVirus 7.10.794 2009.07.16 -
Kaspersky 7.0.0.125 2009.07.17 -
McAfee 5678 2009.07.16 -
McAfee+Artemis 5678 2009.07.16 -
[B]McAfee-GW-Edition 6.8.5 2009.07.17 Heuristic.BehavesLike.JS.CodeUnfolding.A[/B]
Microsoft 1.4803 2009.07.17 -
NOD32 4254 2009.07.17 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.17 -
Panda 10.0.0.14 2009.07.16 -
PCTools 4.4.2.0 2009.07.17 -
Prevx 3.0 2009.07.17 -
Rising 21.38.44.00 2009.07.17 -
Sophos 4.43.0 2009.07.17 -
Sunbelt 3.2.1858.2 2009.07.17 -
Symantec 1.4.4.12 2009.07.17 -
TheHacker 6.3.4.3.369 2009.07.16 -
TrendMicro 8.950.0.1094 2009.07.17 -
VBA32 3.12.10.8 2009.07.16 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
[url]http://www.virustotal.com/ru/analisis/4deb94db13626eed3b435fb4c46d13791f556202b865a51d9b1417e931d64f63-1247837383[/url]
-
File foto18.scr received on 2009.07.17 17:30:58 (UTC)
Current status: finished
Result: 9/40 (22.50%)
[QUOTE][B]a-squared 4.5.0.24 2009.07.17 Trojan.Win32.FakeXPA!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.17 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.17 -
Avast 4.8.1335.0 2009.07.17 -
AVG 8.5.0.387 2009.07.17 -
BitDefender 7.2 2009.07.17 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.17 -
Comodo 1681 2009.07.17 -
[B]DrWeb 5.0.0.12182 2009.07.17 Trojan.MulDrop.30762[/B]
[B]eSafe 7.0.17.0 2009.07.16 Suspicious File[/B]
eTrust-Vet 31.6.6622 2009.07.17 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.17 -
Fortinet 3.120.0.0 2009.07.17 -
GData 19 2009.07.17 -
[B]Ikarus T3.1.1.64.0 2009.07.17 Trojan.Win32.FakeXPA[/B]
Jiangmin 11.0.800 2009.07.17 -
K7AntiVirus 7.10.794 2009.07.16 -
Kaspersky 7.0.0.125 2009.07.17 -
[B]McAfee 5679 2009.07.17 New Malware.ix[/B]
[B]McAfee+Artemis 5679 2009.07.17 Artemis!0BB14FB2F387[/B]
McAfee-GW-Edition 6.8.5 2009.07.17 -
[B]Microsoft 1.4803 2009.07.17 TrojanDropper:Win32/Forcud.A[/B]
NOD32 4254 2009.07.17 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.17 -
PCTools 4.4.2.0 2009.07.17 -
[B]Prevx 3.0 2009.07.17 High Risk Cloaked Malware[/B]
[B]Rising 21.38.44.00 2009.07.17 Packer.Win32.Mian007.a[/B]
Sophos 4.43.0 2009.07.17 -
Sunbelt 3.2.1858.2 2009.07.17 -
Symantec 1.4.4.12 2009.07.17 -
TheHacker 6.3.4.3.369 2009.07.16 -
TrendMicro 8.950.0.1094 2009.07.17 -
VBA32 3.12.10.8 2009.07.16 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
Additional information
File size: 196608 bytes
MD5 : 0bb14fb2f38777f6b64b60dc8f1978ce
SHA1 : 4be7e0e8a3a5753b75cf1a2cec9c17a8595469bf
SHA256: 6be4d1588541bc4a1826b1a52d3046ea6ad2e720a8b1a93c81e97b793d09c8f1
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1187
timedatestamp.....: 0x373ADC16 (Thu May 13 16:05:10 1999)
machinetype.......: 0x14C (Intel I386)
[url]http://info.prevx.com/aboutprogramtext.asp?PX5=C8E83035000EE7DE00F80355C352F7004167BEF2[/url]
-
File gsmlokator_nokia.jad received on 2009.07.18 20:43:03 (UTC)
Current status: finished
Result: 0/41 (0%)
[QUOTE]a-squared 4.5.0.24 2009.07.18 -
AhnLab-V3 5.0.0.2 2009.07.18 -
AntiVir 7.9.0.220 2009.07.17 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.18 -
Avast 4.8.1335.0 2009.07.18 -
AVG 8.5.0.387 2009.07.18 -
BitDefender 7.2 2009.07.18 -
CAT-QuickHeal 10.00 2009.07.17 -
ClamAV 0.94.1 2009.07.18 -
Comodo 1695 2009.07.18 -
DrWeb 5.0.0.12182 2009.07.18 -
eSafe 7.0.17.0 2009.07.16 -
eTrust-Vet 31.6.6623 2009.07.18 -
F-Prot 4.4.4.56 2009.07.17 -
F-Secure 8.0.14470.0 2009.07.18 -
Fortinet 3.120.0.0 2009.07.18 -
GData 19 2009.07.18 -
Ikarus T3.1.1.64.0 2009.07.18 -
Jiangmin 11.0.800 2009.07.18 -
K7AntiVirus 7.10.796 2009.07.18 -
Kaspersky 7.0.0.125 2009.07.18 -
McAfee 5680 2009.07.18 -
McAfee+Artemis 5680 2009.07.18 -
McAfee-GW-Edition 6.8.5 2009.07.18 -
Microsoft 1.4803 2009.07.18 -
NOD32 4257 2009.07.18 -
Norman 6.01.09 2009.07.17 -
nProtect 2009.1.8.0 2009.07.18 -
Panda 10.0.0.14 2009.07.18 -
PCTools 4.4.2.0 2009.07.18 -
Prevx 3.0 2009.07.18 -
Rising 21.38.52.00 2009.07.18 -
Sophos 4.43.0 2009.07.18 -
Sunbelt 3.2.1858.2 2009.07.18 -
Symantec 1.4.4.12 2009.07.18 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.18 -
VBA32 3.12.10.8 2009.07.17 -
ViRobot 2009.7.17.1841 2009.07.17 -
VirusBuster 4.6.5.0 2009.07.16 -[/QUOTE]
Additional information
File size: 394 bytes
MD5...: f4b911f5a6922dfa86cbad1b5751f5d5
SHA1..: 2534a0e3ba2750adf82b47fbc10158e153a1859c
SHA256: a2bfeed9aa5962f32a4171436cee7ba6b58a86972636f7fca9ca64a9859ca6b6
ssdeep: 6:1KItJtf9FyuF35rB9oU+KMIgzB9ovXe2nkfSUu9VtUqYoESleOdaivv:1Tt/ff
xp5tX+KVSMX+u9VOFMleOfvv
PEiD..: -
TrID..: File type identification
Java Manifest (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
:(
-
Found at work in the %USERPROFILE% folder
File User.exe received on 2009.07.21 09:00:24 (UTC)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.21 -
[B]AhnLab-V3 5.0.0.2 2009.07.21 Win-Trojan/Downloader.39424.CQ[/B]
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.17 -
Authentium 5.1.2.4 2009.07.21 -
Avast 4.8.1335.0 2009.07.20 -
[B]AVG 8.5.0.387 2009.07.20 Downloader.Generic8.BCXT[/B]
BitDefender 7.2 2009.07.21 -
[B]CAT-QuickHeal 10.00 2009.07.21 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.07.21 -
Comodo 1723 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.21 -
eSafe 7.0.17.0 2009.07.20 -
eTrust-Vet 31.6.6629 2009.07.21 -
F-Prot 4.4.4.56 2009.07.20 -
F-Secure 8.0.14470.0 2009.07.21 -
[B]Fortinet 3.120.0.0 2009.07.21 Misc/Renos[/B]
GData 19 2009.07.21 -
Ikarus T3.1.1.64.0 2009.07.21 -
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.797 2009.07.20 -
[B]Kaspersky 7.0.0.125 2009.07.21 Hoax.Win32.Renos.vcgo[/B]
McAfee 5682 2009.07.20 -
McAfee+Artemis 5682 2009.07.20 -
McAfee-GW-Edition 6.8.5 2009.07.21 -
[B]Microsoft 1.4803 2009.07.21 VirTool:Win32/Obfuscator.ES[/B]
NOD32 4262 2009.07.20 -
Norman 6.01.09 2009.07.20 -
nProtect 2009.1.8.0 2009.07.21 -
[B]Panda 10.0.0.14 2009.07.20 Suspicious file[/B]
PCTools 4.4.2.0 2009.07.20 -
[B]Prevx 3.0 2009.07.21 High Risk Cloaked Malware[/B]
Rising 21.39.10.00 2009.07.21 -
Sophos 4.43.0 2009.07.21 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.21 -
TheHacker 6.3.4.3.370 2009.07.17 -
TrendMicro 8.950.0.1094 2009.07.21 -
VBA32 3.12.10.8 2009.07.21 -
ViRobot 2009.7.21.1844 2009.07.21 -
VirusBuster 4.6.5.0 2009.07.20 -[/QUOTE]
File size: 39424 bytes
MD5...: e17a03336c1db4cfa0f83a1de511efe7
SHA1..: 4de1074c88cb6fb3f432dd2cbf2884100d2ad6a9
SHA256: 0d88e03db04dec4e457506c6ff60e9ff666c0770d723ec36d56d75be1b0ecb00
ssdeep: 768:b4doDtuG3FBR8GXMz5Fi/XzdqAjSomBg:b4uJuG3/R8GXkFlAjSoM
PEiD..: -
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
P.S: [URL="http://camas.comodo.com/cgi-bin/submit?file=0d88e03db04dec4e457506c6ff60e9ff666c0770d723ec36d56d75be1b0ecb00"]http://camas.comodo.com/cgi-bin/submit?file=0d88e03db04dec4e457506c6ff60e9ff666c0770d723ec36d56d75be1b0ecb00[/URL]
-
File syschost.exe received on 2009.07.22 04:43:54 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE][B]a-squared 4.5.0.24 2009.07.22 Trojan-Dropper.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.21 -
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.22 -
Avast 4.8.1335.0 2009.07.21 -
AVG 8.5.0.387 2009.07.21 -
BitDefender 7.2 2009.07.22 -
CAT-QuickHeal 10.00 2009.07.21 -
ClamAV 0.94.1 2009.07.22 -
Comodo 1729 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.22 -
[B]eSafe 7.0.17.0 2009.07.21 Suspicious File[/B]
eTrust-Vet 31.6.6632 2009.07.22 -
F-Prot 4.4.4.56 2009.07.21 -
F-Secure 8.0.14470.0 2009.07.21 -
Fortinet 3.120.0.0 2009.07.22 -
GData 19 2009.07.22 -
[B]Ikarus T3.1.1.64.0 2009.07.22 Trojan-Dropper.Agent[/B]
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.798 2009.07.21 -
Kaspersky 7.0.0.125 2009.07.22 -
McAfee 5683 2009.07.21 -
McAfee+Artemis 5683 2009.07.21 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4265 2009.07.21 -
Norman 6.01.09 2009.07.21 -
nProtect 2009.1.8.0 2009.07.21 -
Panda 10.0.0.14 2009.07.21 -
PCTools 4.4.2.0 2009.07.21 -
Prevx 3.0 2009.07.22 -
Rising 21.39.20.00 2009.07.22 -
Sophos 4.43.0 2009.07.22 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.22 -
TheHacker 6.3.4.3.372 2009.07.21 -
[B]TrendMicro 8.950.0.1094 2009.07.21 PAK_Generic.001[/B]
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.22.1846 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.21 -[/QUOTE]
Additional information
File size: 18432 bytes
MD5...: c5640feb5a62af27c4ae0efdf75c54c1
SHA1..: 421a9c1fe8bb604dee24f4a85c40695c8ef03f59
SHA256: eae88ba28b1c86e776a37f163c264b4b230b7788155ddf782a487b50733a59f8
ssdeep: 384:fy+x6lI2M/1EJRPjTlm1sxsB8bdhzoZlV73kYkheTj3w4:ff6JRI1sqche70
zheJ
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xfda0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
File explopep.exe received on 2009.07.22 04:44:21 (UTC)
Current status: finished
Result: 2/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.07.22 -
AhnLab-V3 5.0.0.2 2009.07.21 -
AntiVir 7.9.0.222 2009.07.21 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.22 -
Avast 4.8.1335.0 2009.07.21 -
AVG 8.5.0.387 2009.07.21 -
BitDefender 7.2 2009.07.22 -
CAT-QuickHeal 10.00 2009.07.21 -
ClamAV 0.94.1 2009.07.22 -
Comodo 1729 2009.07.21 -
DrWeb 5.0.0.12182 2009.07.22 -
[B]eSafe 7.0.17.0 2009.07.21 Suspicious File[/B]
eTrust-Vet 31.6.6632 2009.07.22 -
F-Prot 4.4.4.56 2009.07.21 -
F-Secure 8.0.14470.0 2009.07.21 -
Fortinet 3.120.0.0 2009.07.22 -
GData 19 2009.07.22 -
Ikarus T3.1.1.64.0 2009.07.22 -
Jiangmin 11.0.800 2009.07.21 -
K7AntiVirus 7.10.798 2009.07.21 -
Kaspersky 7.0.0.125 2009.07.22 -
McAfee 5683 2009.07.21 -
McAfee+Artemis 5683 2009.07.21 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4265 2009.07.21 -
Norman 6.01.09 2009.07.21 -
nProtect 2009.1.8.0 2009.07.21 -
Panda 10.0.0.14 2009.07.21 -
PCTools 4.4.2.0 2009.07.21 -
Prevx 3.0 2009.07.22 -
Rising 21.39.20.00 2009.07.22 -
Sophos 4.43.0 2009.07.22 -
Sunbelt 3.2.1858.2 2009.07.21 -
Symantec 1.4.4.12 2009.07.22 -
TheHacker 6.3.4.3.372 2009.07.21 -
[B]TrendMicro 8.950.0.1094 2009.07.21 PAK_Generic.001[/B]
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.22.1846 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.21 -
[/QUOTE]
Additional information
File size: 19968 bytes
MD5...: 7be149ee77fa31b3f8bab455937ac76f
SHA1..: 1b226b0ef31388ebe23421ec566dc14e2d57aa6e
SHA256: 9b05fb900ef5744cded0a53ed024fdb5b79becfdd6b03c9a71c7b1a8c7151348
ssdeep: 384:Pd916tjMZUcCdOSMIOu5TFpTJ1jMBtdfir81LGDYVpmzl8:P/1cjeU0AOu5x
r5M/daOJ0
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x112d0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
-
File WindoFixSetup.exe received on 2009.07.23 02:33:50 (UTC)
Current status: finished
Result: 0/40 (0%)
[QUOTE]a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.22 -
AntiVir 7.9.0.222 2009.07.22 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
CAT-QuickHeal 10.00 2009.07.22 -
ClamAV 0.94.1 2009.07.23 -
Comodo 1738 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.22 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
McAfee 5684 2009.07.22 -
McAfee+Artemis 5684 2009.07.22 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4268 2009.07.23 -
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
Rising 21.39.24.00 2009.07.22 -
Sophos 4.44.0 2009.07.23 -
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.22 -
ViRobot 2009.7.22.1847 2009.07.22 -
VirusBuster 4.6.5.0 2009.07.22 -[/QUOTE]
File size: 1192959 bytes
MD5...: 12a351a1efce6b76bab9f66e41f8343b
SHA1..: 4215e12971ef73057f0354a0b2abbeadaeb51251
SHA256: 6f74cc72c14659467ede114873cb8d8ee53295f5f87af19e3c4d456c3d628aac
ssdeep: 24576:v2U3grE9z9ZWn9HGpYVViu60r0otygrOeWKgXsxtiCn1tN8YaXag:v2w2E
99cntGpYVVH6O0oRHkcXJbhaV
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x9a58
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)
:(
[size="1"][color="#666686"][B][I]Added 31 minutes later[/I][/B][/color][/size]
File RegDefense.exe received on 2009.07.23 02:54:49 (UTC)
Result: 1/41 (2.44%)
[QUOTE]a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.22 -
AntiVir 7.9.0.222 2009.07.22 -
Antiy-AVL 2.0.3.7 2009.07.22 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
CAT-QuickHeal 10.00 2009.07.22 -
ClamAV 0.94.1 2009.07.23 -
Comodo 1738 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.22 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
McAfee 5684 2009.07.22 -
McAfee+Artemis 5684 2009.07.22 -
McAfee-GW-Edition 6.8.5 2009.07.22 -
Microsoft 1.4903 2009.07.22 -
NOD32 4268 2009.07.23 -
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
Rising 21.39.24.00 2009.07.22 -
[B]Sophos 4.44.0 2009.07.23 PsKill[/B]
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.22 -
VBA32 3.12.10.8 2009.07.22 -
ViRobot 2009.7.23.1848 2009.07.23 -
VirusBuster 4.6.5.0 2009.07.22 -[/QUOTE]
File size: 2018352 bytes
MD5...: e172a33b36458384f2422f2b4c65c2fb
SHA1..: 2f6a891b2fca21f6e03c318e88306e03eef3bc83
SHA256: c23ef87124181107bba9b0a9a2d6891839511d2bf3626342e0fdd8f195ef237c
ssdeep: 49152:pIAJPWQJKWDW+BRxj+v2HDHkPrKQhzVGRXEVF8qMXf:prJP3KWDlBCvUHs
rKQDMUVF8qe
PEiD..: -
TrID..: File type identification
Win64 Executable Generic (63.0%)
Win32 Executable MS Visual C++ (generic) (27.7%)
Win32 Executable Generic (6.2%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x323c
timedatestamp.....: 0x49a05a1a (Sat Feb 21 19:46:34 2009)
machinetype.......: 0x14c (I386)
-
Fresh one
File avz00007.dta received on 2009.07.23 09:34:03 (UTC)
[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.23 -
AhnLab-V3 5.0.0.2 2009.07.23 -
[B]AntiVir 7.9.0.228 2009.07.23 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.23 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
AVG 8.5.0.387 2009.07.22 -
BitDefender 7.2 2009.07.23 -
[B]CAT-QuickHeal 10.00 2009.07.23 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.07.23 -
Comodo 1741 2009.07.23 -
DrWeb 5.0.0.12182 2009.07.23 -
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
F-Secure 8.0.14470.0 2009.07.23 -
Fortinet 3.120.0.0 2009.07.23 -
GData 19 2009.07.23 -
Ikarus T3.1.1.64.0 2009.07.23 -
Jiangmin 11.0.800 2009.07.23 -
K7AntiVirus 7.10.799 2009.07.22 -
Kaspersky 7.0.0.125 2009.07.23 -
[B]McAfee 5684 2009.07.22 FakeAlert-DZ
McAfee+Artemis 5684 2009.07.22 FakeAlert-DZ
McAfee-GW-Edition 6.8.5 2009.07.23 Trojan.Dropper.Gen[/B]
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
Panda 10.0.0.14 2009.07.22 -
PCTools 4.4.2.0 2009.07.22 -
Prevx 3.0 2009.07.23 -
[B]Rising 21.39.32.00 2009.07.23 Unknown Win32 Virus[/B]
Sophos 4.44.0 2009.07.23 -
Sunbelt 3.2.1858.2 2009.07.22 -
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.23 -
VBA32 3.12.10.9 2009.07.23 -
ViRobot 2009.7.23.1849 2009.07.23 -
VirusBuster 4.6.5.0 2009.07.22 -
[/CODE][CODE]Additional information
File size: 742482 bytes
MD5...: 42893aa9d384edcbc1a9ca032f3ab490
SHA1..: bdd61934d7515b7a0096bcf293bf6cfab5cf8f3d
SHA256: a3620607e76385d0e2b3c8ad570a3622954df3b76ca96772450f1f3d36cc4759
ssdeep: 12288:QTC1mFBuXfXQ9sHc7rmfTwl0IbZfKrVxNIok51r6Jm:Qe1lpc7rmfT0b8B
Aam
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xb2388
timedatestamp.....: 0x470a9cb6 (Mon Oct 08 21:10:14 2007)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x15d000 0xb3e00 7.21 75112b42922338fd2df30e5a9ab440b7
.data 0x15e000 0x1000 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
.rdata 0x15f000 0x1000 0xc00 4.80 e2fa41bfcd45e3b2d083bea433814491
.rsrc 0x160000 0x1000 0x400 3.02 e10879d0fd2c52238d8d79e944ed807c

( 2 imports )
> KERNEL32.DLL: GetModuleFileNameA, InterlockedIncrement, GetCurrentProcess, GetSystemTimeAsFileTime, GetModuleFileNameW, InterlockedCompareExchange, LoadLibraryA, VirtualAlloc, GetProcAddress, GetProcAddress, HeapDestroy, GetProcessHeap, HeapDestroy, UnhandledExceptionFilter, DisableThreadLibraryCalls, GetModuleHandleA, GetTickCount, GetProcAddress, HeapDestroy, InterlockedDecrement, GetModuleFileNameA, EnterCriticalSection, InterlockedIncrement, lstrcmpiW, GetModuleFileNameW, InterlockedExchange, LocalFree, EnterCriticalSection, LoadLibraryA, GetModuleFileNameA, EnterCriticalSection, HeapFree, QueryPerformanceCounter, CloseHandle, LeaveCriticalSection, lstrlenA, GetModuleHandleW, lstrlenA, LocalFree, Sleep, EnterCriticalSection, CreateEventW, HeapFree, CreateFileW, HeapDestroy, GetModuleFileNameW, lstrcmpiW, QueryPerformanceCounter, UnhandledExceptionFilter, SetLastError, UnhandledExceptionFilter, ReadFile, GetTickCount
> USER32.DLL: BeginPaint, EndPaint, PostQuitMessage, MessageBoxW, SendMessageW, KillTimer, DialogBoxParamW, SetForegroundWindow, GetDesktopWindow, GetWindowLongW, SetDlgItemTextW, DispatchMessageW, BeginPaint, GetDlgItem, EndDialog, DefWindowProcW, CreateWindowExW, DialogBoxParamW, GetSysColor, SetTimer, IsWindow, DialogBoxParamW, IsDlgButtonChecked, KillTimer, GetDesktopWindow, SetWindowLongW, PostQuitMessage, EnableWindow, SetWindowPos, GetDC, KillTimer, SetDlgItemTextW, SetWindowPos, ReleaseDC, ReleaseDC, PostQuitMessage, CreateWindowExW, LoadCursorW, GetClientRect, GetSysColor, SetWindowLongW, TranslateMessage, SendDlgItemMessageW, GetDesktopWindow, wsprintfA, GetDesktopWindow, SetCursor, GetFocus, LoadIconW, InvalidateRect, TranslateMessage, LoadStringW, SetTimer, PostQuitMessage, BeginPaint

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[/CODE]
[size="1"][color="#666686"][B][I]Added 8 minutes later[/I][/B][/color][/size]
File avz00006.dta received on 2009.07.23 09:43:29 (UTC)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.07.23 Email-Worm.Win32.Iksmas!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.23 -
AntiVir 7.9.0.228 2009.07.23 -
Antiy-AVL 2.0.3.7 2009.07.23 -
Authentium 5.1.2.4 2009.07.23 -
Avast 4.8.1335.0 2009.07.22 -
[B]AVG 8.5.0.387 2009.07.23 PSW.Generic7.SFW[/B]
BitDefender 7.2 2009.07.23 -
[B]CAT-QuickHeal 10.00 2009.07.23 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.07.23 -
Comodo 1741 2009.07.23 -
[B]DrWeb 5.0.0.12182 2009.07.23 Trojan.Spambot.4331[/B]
eSafe 7.0.17.0 2009.07.21 -
eTrust-Vet 31.6.6634 2009.07.22 -
F-Prot 4.4.4.56 2009.07.22 -
[B]F-Secure 8.0.14470.0 2009.07.23 Email-Worm.Win32.Iksmas.dgr
Fortinet 3.120.0.0 2009.07.23 W32/Iksmas.DGR@mm[/B]
GData 19 2009.07.23 -
[B]Ikarus T3.1.1.64.0 2009.07.23 Email-Worm.Win32.Iksmas[/B]
Jiangmin 11.0.800 2009.07.23 -
K7AntiVirus 7.10.799 2009.07.22 -
[B]Kaspersky 7.0.0.125 2009.07.23 Email-Worm.Win32.Iksmas.dgr[/B]
McAfee 5684 2009.07.22 -
[B]McAfee+Artemis 5684 2009.07.22 Artemis!7329B2096B15
McAfee-GW-Edition 6.8.5 2009.07.23 Heuristic.BehavesLike.Win32.Packed.I
Microsoft 1.4903 2009.07.23 Trojan:Win32/Waledac.gen!A
NOD32 4269 2009.07.23 a variant of Win32/Waledac.KA[/B]
Norman 6.01.09 2009.07.22 -
nProtect 2009.1.8.0 2009.07.23 -
[B]Panda 10.0.0.14 2009.07.22 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.07.22 -
[B]Prevx 3.0 2009.07.23 Medium Risk Malware
Rising 21.39.32.00 2009.07.23 Unknown Win32 Virus
Sophos 4.44.0 2009.07.23 Mal/WaledPak-H
Sunbelt 3.2.1858.2 2009.07.22 Email-Worm.Win32.Waledac.Gen (v)[/B]
Symantec 1.4.4.12 2009.07.23 -
TheHacker 6.3.4.3.372 2009.07.23 -
TrendMicro 8.950.0.1094 2009.07.23 -
VBA32 3.12.10.9 2009.07.23 -
ViRobot 2009.7.23.1849 2009.07.23 -
VirusBuster 4.6.5.0 2009.07.22 -
[/CODE]
[CODE]Additional information
File size: 498688 bytes
MD5...: 7329b2096b156842c7bd576b1918ec58
SHA1..: 56a6d2634f2759b425e3cc20c0c51bedd1664aac
SHA256: 8f5c16bc2b368cc4dbea79a7a84151b454f9a8dc7405e615af585b9883f9e2ff
ssdeep: 12288:0qy5DTAlioxxYRr5BeQPbd4kJqG1TskXiIedH:0qG3AlioxEfPbd4kJqwM
bd
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x76804
timedatestamp.....: 0x435eac41 (Tue Oct 25 22:05:53 2005)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xf3000 0x78600 7.22 ef8c82cbc04d20d825f48695fae1836f
.data 0xf4000 0x1000 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b
.rdata 0xf5000 0x1000 0xc00 4.49 f17d28d20a8d830c8416c375a6cf939d
.rsrc 0xf6000 0x1000 0x400 2.98 f060e5acc6c09b946f5c69aacf27f77c

( 2 imports )
> KERNEL32.DLL: LocalFree, InterlockedExchange, GetCurrentProcessId, MultiByteToWideChar, GetProcAddress, GetCurrentThreadId, MultiByteToWideChar, GetModuleHandleA, InterlockedExchange, SetLastError, LeaveCriticalSection, QueryPerformanceCounter, Sleep, HeapFree, InterlockedCompareExchange, HeapFree, GetTickCount, GetProcessHeap, FreeLibrary, DisableThreadLibraryCalls, UnhandledExceptionFilter, LocalFree, ReadFile, GetCurrentProcessId, GetModuleFileNameW, GetCurrentProcessId, UnhandledExceptionFilter, ReadFile, UnhandledExceptionFilter, FreeLibrary, GetProcAddress, LoadLibraryW, GetCurrentProcessId, GetCurrentProcessId, GetProcAddress, HeapDestroy, GetModuleFileNameA, VirtualAlloc, InterlockedIncrement, CreateFileW, VirtualAlloc, LoadLibraryA, HeapFree, LocalFree, UnhandledExceptionFilter, HeapFree, LoadLibraryW, LoadLibraryA, LocalFree, GetTickCount
> USER32.DLL: LoadIconW, SetTimer, LoadStringW, KillTimer, DestroyWindow, PostQuitMessage, DestroyWindow, DialogBoxParamW, SetFocus, wsprintfA, SendDlgItemMessageW, ReleaseDC, GetFocus, GetParent, PostMessageW, ReleaseDC, IsDlgButtonChecked, InvalidateRect, SetWindowLongW, SetCursor, CreateWindowExW, GetSystemMetrics, PostQuitMessage, SetWindowTextW, SetForegroundWindow, EndDialog, LoadStringW, InvalidateRect, SetDlgItemTextW, GetWindowLongW, CreateWindowExW, SetTimer, IsWindow, wsprintfA, InvalidateRect, SetWindowLongW, PostQuitMessage, MessageBoxW, IsDlgButtonChecked, SendMessageW, LoadIconW, CharNextW, GetDlgItem, IsDlgButtonChecked, EnableWindow, SetForegroundWindow, EndPaint, SetCursor, TranslateMessage, GetWindowRect, IsWindow

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-
Prevx info: <a href='http://info.prevx.com/aboutprogramtext.asp?PX5=AB6C3551001E40DA9C0E07ABED62FE00BBFD3571' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=AB6C3551001E40DA9C0E07ABED62FE00BBFD3571</a>
[/CODE]
-
File PrivateContent.exe received on 2009.07.26 08:58:44 (UTC)
Current status: finished
Result: 10/41 (24.4%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.07.26 Trojan.Fake!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.26 -
[B]AntiVir 7.9.0.228 2009.07.24 TR/Fake.GoogleBar.2[/B]
Antiy-AVL 2.0.3.7 2009.07.24 -
Authentium 5.1.2.4 2009.07.25 -
Avast 4.8.1335.0 2009.07.25 -
AVG 8.5.0.387 2009.07.25 -
BitDefender 7.2 2009.07.26 -
CAT-QuickHeal 10.00 2009.07.25 -
ClamAV 0.94.1 2009.07.26 -
Comodo 1770 2009.07.26 -
DrWeb 5.0.0.12182 2009.07.26 -
eSafe 7.0.17.0 2009.07.23 -
eTrust-Vet 31.6.6640 2009.07.25 -
F-Prot 4.4.4.56 2009.07.25 -
[B]F-Secure 8.0.14470.0 2009.07.25 AdWare.Win32.Cinmus.awbr[/B]
Fortinet 3.120.0.0 2009.07.26 -
GData 19 2009.07.26 -
[B]Ikarus T3.1.1.64.0 2009.07.26 Trojan.Fake[/B]
Jiangmin 11.0.800 2009.07.26 -
K7AntiVirus 7.10.802 2009.07.25 -
[B]Kaspersky 7.0.0.125 2009.07.26 not-a-virus:AdWare.Win32.Cinmus.awbr[/B]
McAfee 5688 2009.07.25 -
[B]McAfee+Artemis 5688 2009.07.25 Artemis!1AA4A28552D9[/B]
[B]McAfee-GW-Edition 6.8.5 2009.07.26 Heuristic.LooksLike.Trojan.Fake.GoogleBar.L[/B]
Microsoft 1.4903 2009.07.26 -
[B]NOD32 4278 2009.07.26 a variant of Win32/Adware.BHO.NGL[/B]
Norman 6.01.09 2009.07.24 -
nProtect 2009.1.8.0 2009.07.26 -
Panda 10.0.0.14 2009.07.25 -
PCTools 4.4.2.0 2009.07.25 -
Prevx 3.0 2009.07.26 -
Rising 21.39.61.00 2009.07.26 -
Sophos 4.44.0 2009.07.26 -
[B]Sunbelt 3.2.1858.2 2009.07.26 Adware.Cinmus[/B]
Symantec 1.4.4.12 2009.07.26 -
TheHacker 6.3.4.3.373 2009.07.24 -
TrendMicro 8.950.0.1094 2009.07.25 -
[B]VBA32 3.12.10.9 2009.07.26 BScope.Trojan.Cinmus.54[/B]
ViRobot 2009.7.25.1853 2009.07.25 -
VirusBuster 4.6.5.0 2009.07.25 -[/QUOTE]
Additional information
File size: 99328 bytes
MD5...: 1aa4a28552d9cf24878c85914c3442e8
SHA1..: 68a542ea170bd52759aee48acd8ae68682328ac6
SHA256: c4e9963578075ee1b00d95bcc8a49496925183385dbb92e2dc8fe0bd3ce0367a
ssdeep: 1536:B86UAPypaYOwPxWEMGwCcUTcDVsKdwfXpmydqjcfAp0dpv44H4YE:B86NhY
1mXUIRXwfXpmWYpgQl1
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/c4e9963578075ee1b00d95bcc8a49496925183385dbb92e2dc8fe0bd3ce0367a-1248598724[/url]
-
File flash_player.exe received on 2009.07.28 18:37:35 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.07.28 Trojan-Dropper!IK[/B]
AhnLab-V3 5.0.0.2 2009.07.28 -
[B]AntiVir 7.9.0.234 2009.07.28 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.28 -
Authentium 5.1.2.4 2009.07.28 -
Avast 4.8.1335.0 2009.07.28 -
AVG 8.5.0.387 2009.07.28 -
BitDefender 7.2 2009.07.28 -
CAT-QuickHeal 10.00 2009.07.28 -
ClamAV 0.94.1 2009.07.28 -
Comodo 1796 2009.07.28 -
[B]DrWeb 5.0.0.12182 2009.07.28 Trojan.Hosts.107[/B]
eSafe 7.0.17.0 2009.07.28 -
eTrust-Vet 31.6.6643 2009.07.28 -
F-Prot 4.4.4.56 2009.07.28 -
F-Secure 8.0.14470.0 2009.07.28 -
Fortinet 3.120.0.0 2009.07.28 -
GData 19 2009.07.28 -
[B]Ikarus T3.1.1.64.0 2009.07.28 Trojan-Dropper[/B]
Jiangmin 11.0.800 2009.07.28 -
K7AntiVirus 7.10.804 2009.07.28 -
Kaspersky 7.0.0.125 2009.07.28 -
McAfee 5691 2009.07.28 -
McAfee+Artemis 5691 2009.07.28 -
[B]McAfee-GW-Edition 6.8.5 2009.07.28 Trojan.Dropper.Gen[/B]
Microsoft 1.4903 2009.07.28 -
NOD32 4286 2009.07.28 -
Norman 6.01.09 2009.07.28 -
nProtect 2009.1.8.0 2009.07.28 -
Panda 10.0.0.14 2009.07.28 -
PCTools 4.4.2.0 2009.07.28 -
Prevx 3.0 2009.07.28 -
Rising 21.40.14.00 2009.07.28 -
Sophos 4.44.0 2009.07.28 -
Sunbelt 3.2.1858.2 2009.07.28 -
Symantec 1.4.4.12 2009.07.28 -
TheHacker 6.3.4.3.376 2009.07.28 -
TrendMicro 8.950.0.1094 2009.07.28 -
VBA32 3.12.10.9 2009.07.28 -
ViRobot 2009.7.28.1857 2009.07.28 -
VirusBuster 4.6.5.0 2009.07.28 -[/QUOTE]
Additional information
File size: 12373 bytes
MD5...: 2ece81a4431ed7908b0a088031ad3551
SHA1..: 686c75e6f401504f9f0522f04d848656ab603e1d
SHA256: 71738d8f7a8b0ee857f5dc8b89cc257f69ab4839ab59e1a30a787cf8135784c0
ssdeep: 48:yg0wSiS3XYViUS0FeB12j2ifdv8/9kSfSWtLdBFlwyCZXuClm0mZZNHJn/+K:
U3i2IoGq12j2n1kSHtdBwsCI0SH5l
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/71738d8f7a8b0ee857f5dc8b89cc257f69ab4839ab59e1a30a787cf8135784c0-1248806255[/url]
-
Attachments: 1
Interim results of the community testing for June-July:
-
File qip.jar received on 2009.07.31 11:13:40 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: [COLOR=red]2[/COLOR]/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.07.31 -
AhnLab-V3 5.0.0.2 2009.07.30 -
AntiVir 7.9.0.236 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.07.31 -
Avast 4.8.1335.0 2009.07.30 -
AVG 8.5.0.406 2009.07.31 -
BitDefender 7.2 2009.07.31 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.07.31 -
Comodo 1822 2009.07.31 -
DrWeb 5.0.0.12182 2009.07.31 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6649 2009.07.31 -
F-Prot 4.4.4.56 2009.07.30 -
[B]F-Secure 8.0.14470.0 2009.07.31 Trojan-SMS.J2ME.Konov.n[/B]
Fortinet 3.120.0.0 2009.07.31 -
GData 19 2009.07.31 -
Ikarus T3.1.1.64.0 2009.07.31 -
Jiangmin 11.0.800 2009.07.31 -
K7AntiVirus 7.10.806 2009.07.30 -
[B]Kaspersky 7.0.0.125 2009.07.31 Trojan-SMS.J2ME.Konov.n[/B]
McAfee 5693 2009.07.30 -
McAfee+Artemis 5693 2009.07.30 -
McAfee-GW-Edition 6.8.5 2009.07.31 -
Microsoft 1.4903 2009.07.31 -
NOD32 4293 2009.07.31 -
Norman 6.01.09 2009.07.30 -
nProtect 2009.1.8.0 2009.07.31 -
Panda 10.0.0.14 2009.07.30 -
PCTools 4.4.2.0 2009.07.29 -
Prevx 3.0 2009.07.31 -
Rising 21.40.43.00 2009.07.31 -
Sophos 4.44.0 2009.07.31 -
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.07.31 -
TheHacker 6.3.4.3.374 2009.07.30 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.07.31 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.30 -
Additional information
File size: 3857 bytes
MD5...: be32e6cae5a2c5c01d98a9ebace6d91c
SHA1..: cfbaea4d48e1c6f65d82bbd3e65c5b2574d80c4d
SHA256: b317560a62ac5181b1efd4095625740e468318f7279c5b5bd2bad0d1c322e00a[/QUOTE]
-
File vk-client-new.5.exe received on 2009.08.01 07:11:37 (UTC)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.07.31 -
AhnLab-V3 5.0.0.2 2009.07.31 -
AntiVir 7.9.0.238 2009.07.31 -
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.07.31 -
Avast 4.8.1335.0 2009.07.31 -
AVG 8.5.0.406 2009.07.31 -
BitDefender 7.2 2009.08.01 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.01 -
Comodo 1832 2009.08.01 -
DrWeb 5.0.0.12182 2009.08.01 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.07.31 -
F-Secure 8.0.14470.0 2009.07.31 -
Fortinet 3.120.0.0 2009.08.01 -
GData 19 2009.08.01 -
Ikarus T3.1.1.64.0 2009.07.31 -
Jiangmin 11.0.800 2009.08.01 -
K7AntiVirus 7.10.807 2009.07.31 -
Kaspersky 7.0.0.125 2009.08.01 -
McAfee 5694 2009.07.31 -
McAfee+Artemis 5694 2009.07.31 -
McAfee-GW-Edition 6.8.5 2009.08.01 [B]Heuristic.LooksLike.Win32.Suspicious.L!83[/B]
Microsoft 1.4903 2009.08.01 -
[B]NOD32 4295 2009.07.31 a variant of Win32/Kryptik.LR[/B]
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.01 -
Panda 10.0.0.14 2009.07.31 -
PCTools 4.4.2.0 2009.07.31 -
Prevx 3.0 2009.08.01 -
Rising 21.40.44.00 2009.07.31 -
[B]Sophos 4.44.0 2009.08.01 Sus/EncPk-JG[/B]
Sunbelt 3.2.1858.2 2009.07.31 -
Symantec 1.4.4.12 2009.08.01 -
TheHacker 6.3.4.3.375 2009.08.01 -
[B]TrendMicro 8.950.0.1094 2009.07.31 PAK_Generic.001[/B]
VBA32 3.12.10.9 2009.07.31 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -[/QUOTE]
Additional information
File size: 23040 bytes
MD5...: e536c9d9ceec3b8686d35dc002f1f976
SHA1..: 2b1277b00cb41748c798e341b26c346bc3c80256
SHA256: 0a8c25a01f68082edac235e5f70fac1a7d7a3dfecec42c3824a3acc2f234ba1e
ssdeep: 384:VKhR1HopZov4tbrJFgFbMmRwoZVBN/ka2QlyT:w5opbJiFz9TN/50
PEiD..: -
-
File foto.jar received on 2009.08.02 10:21:13 (UTC)
Current status: finished
Result: 10/41 (24.4%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.02 Trojan-SMS!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.07.31 -
[B]Antiy-AVL 2.0.3.7 2009.07.31 Trojan/J2ME.Konov[/B]
Authentium 5.1.2.4 2009.08.01 -
[B]Avast 4.8.1335.0 2009.08.01 Other:Malware-gen[/B]
AVG 8.5.0.406 2009.08.02 -
BitDefender 7.2 2009.08.02 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.02 -
[B]Comodo 1838 2009.08.02 TrojWare.J2ME.SMS.Konov.i
DrWeb 5.0.0.12182 2009.08.02 Java.SMSSend.51[/B]
eSafe 7.0.17.0 2009.07.30 -
[B]eTrust-Vet 31.6.6650 2009.08.01 Java/SMSTroj[/B]
F-Prot 4.4.4.56 2009.08.01 -
[B]F-Secure 8.0.14470.0 2009.08.01 Trojan-SMS.J2ME.Konov.i[/B]
Fortinet 3.120.0.0 2009.08.02 -
[B]GData 19 2009.08.02 Other:Malware-gen
Ikarus T3.1.1.64.0 2009.08.02 Trojan-SMS[/B]
Jiangmin 11.0.800 2009.08.02 -
K7AntiVirus 7.10.808 2009.08.01 -
[B]Kaspersky 7.0.0.125 2009.08.02 Trojan-SMS.J2ME.Konov.i[/B]
McAfee 5695 2009.08.01 -
McAfee+Artemis 5695 2009.08.01 -
McAfee-GW-Edition 6.8.5 2009.08.02 -
Microsoft 1.4903 2009.08.02 -
NOD32 4298 2009.08.02 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.02 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.01 -
Prevx 3.0 2009.08.02 -
Rising 21.40.44.00 2009.07.31 -
Sophos 4.44.0 2009.08.02 -
Sunbelt 3.2.1858.2 2009.08.02 -
Symantec 1.4.4.12 2009.08.02 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
VBA32 3.12.10.9 2009.08.02 -
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.07.31 -[/QUOTE]
Additional information
File size: 2662 bytes
MD5...: f153398fceceb5f26e840576d658e907
SHA1..: ea0b174e210c239264a3db9afc4dc0c9c4eb38ca
SHA256: f8637e1353b8339a8bd0da652ed23b67ee322f5d8c3eb60274c83156daa53748
ssdeep: 48:91FTQo0tOURs9y3VeiTExPW387mjiAlqAxBCSZyU8/scU6p7dKNZ4w:DFTiOU
Rs9qVeiTUDycSZJn6ZdkZL
PEiD..: -
TrID..: File type identification
Java Archive (78.3%)
ZIP compressed archive (21.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/f8637e1353b8339a8bd0da652ed23b67ee322f5d8c3eb60274c83156daa53748-1249208473[/url]
-
File index_1_.htm received on 2009.08.02 17:44:10 (UTC)
Current status: finished
Result: 7/40 (17.50%)
[QUOTE]a-squared 4.5.0.24 2009.08.02 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.02 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.07.31 -
Authentium 5.1.2.4 2009.08.02 -
[B]Avast 4.8.1335.0 2009.08.01 JS:Obfuscated-CV[/B]
[B]AVG 8.5.0.406 2009.08.02 JS/Downloader.Agent[/B]
BitDefender 7.2 2009.08.02 -
CAT-QuickHeal 10.00 2009.07.30 -
ClamAV 0.94.1 2009.08.02 -
Comodo 1840 2009.08.02 -
DrWeb 5.0.0.12182 2009.08.02 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6650 2009.08.01 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.01 -
Fortinet 3.120.0.0 2009.08.02 -
[B]GData 19 2009.08.02 JS:Obfuscated-CV[/B]
Ikarus T3.1.1.64.0 2009.08.02 -
Jiangmin 11.0.800 2009.08.02 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.02 -
McAfee 5695 2009.08.01 -
McAfee+Artemis 5695 2009.08.01 -
[B]McAfee-GW-Edition 6.8.5 2009.08.02 Heuristic.LooksLike.JS.Suspicious.A[/B]
Microsoft 1.4903 2009.08.02 -
NOD32 4299 2009.08.02 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.02 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Rising 21.40.62.00 2009.08.02 -
Sophos 4.44.0 2009.08.02 -
Sunbelt 3.2.1858.2 2009.08.02 -
[B]Symantec 1.4.4.12 2009.08.02 Trojan.Malscript!html[/B]
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.07.31 -
[B]VBA32 3.12.10.9 2009.08.02 Trojan-Downloader.JS.Iframe.blg[/B]
ViRobot 2009.7.31.1863 2009.07.31 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 6501 bytes
MD5 : c8bcdb732ed5e73d802e4404b7771e10
SHA1 : 51c76ed7f908255032f9ee0c4ca06d139b1e5e82
SHA256: d9a8404ae35297ea45d514f2502b6ca777dab88d8dbf58ccb7165689ab016ebf
TrID : File type identification
Unknown!
ssdeep: 192:bWkW3PFo3XtifBBILnfi98Ci+2XBt9PDgN/:b/so3nLK98C8Dw
PEiD : -
RDS : NSRL Reference Data Set
-
-
All of this is from VKontakte
File sms-vkontakte received on 2009.08.03 11:21:09 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.03 Riskware.JS.Obfuscator!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
[B]Ikarus T3.1.1.64.0 2009.08.03 VirTool.JS.Obfuscator[/B]
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.Script.Crypted[/B]
[B]Microsoft 1.4903 2009.08.03 VirTool:JS/Obfuscator.H[/B]
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 710 bytes
MD5...: 44493a2e5f0b3f40d78af23706e90f0e
SHA1..: 462bc9a61c5d6ad12d289c2ebbb68cdeb24d1f7a
SHA256: fff61030becae6d994f10e91d66754f133397596c6551da28eeeab8546fead0b
ssdeep: 12:X7jtNDxAqk0+qK0WEzqtjSow/EKEsN0YlE7guu5lJeinga05jwWT3wdVl:XPD
k0+qzWe2SoOdEa+7fuIin42XP
PEiD..: -
TrID..: File type identification
GZipped File (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): packed
File 549a6be38aae63e8913bd1d43b14d83a received on 2009.08.03 11:34:44 (UTC)
Current status: finished
Result: 3/41 (7.32%)
[QUOTE]a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 HTML/Psyme.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Script.Psyme.Gen[/B]
[B]Microsoft 1.4903 2009.08.03 VirTool:JS/Obfuscator.H[/B]
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 4072 bytes
MD5...: 549a6be38aae63e8913bd1d43b14d83a
SHA1..: 528fa966c136cd0f411227e20e09d08d2fe50893
SHA256: 323db2eb646c0b54669bd4dd2ecc48f0814464af3665a99e971ef2e5c453fe42
ssdeep: 96:e1M1M8Cs2Ot4LkWyC5cCJcCiw1x2TGQtqswWF7DG:kmMp9kW35JJJHgf7DG
PEiD..: -
TrID..: File type identification
Text - UTF-16 (LE) encoded (64.4%)
MP3 audio (32.2%)
Lumena CEL bitmap (2.0%)
Corel Photo Paint (1.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): Unicode
File e712330a93f5cf725ea0c6bc4c52375b received on 2009.08.03 11:34:56 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 HTML/Infected.WebPage.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
[B]Avast 4.8.1335.0 2009.08.02 HTML:Iframe-inf[/B]
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
[B]GData 19 2009.08.03 HTML:Iframe-inf[/B]
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.Script.Infected.WebPage[/B]
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
[B]Norman 6.01.09 2009.07.31 HTML/Iframe.G[/B]
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 188 bytes
MD5...: e712330a93f5cf725ea0c6bc4c52375b
SHA1..: 05fbff8903000d1deda96d01614cff5916e0bd99
SHA256: 3d7b276f53d1f676ebaa54da1e475bb445815b0055a2db329f9aa2bbf4479173
ssdeep: 3:Q4giyYFI+MKXyR+plM1yClMAlW/LXCn/lFMbCn/lFIcpAYlHlBvohalhluWlgT
:QdiLMKXyR+lM1yCWAlWWncun4cp9CsB8
PEiD..: -
TrID..: File type identification
Text - UTF-16 (LE) encoded (66.6%)
MP3 audio (33.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): Unicode
File MW2bl2ow.exe.part received on 2009.08.03 11:39:35 (UTC)
Current status: finished
Result: 7/41 (17.08%)
[QUOTE]a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 TR/Dldr.Banload.zdt[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
[B]Authentium 5.1.2.4 2009.08.02 W32/Downldr2.GAZE[/B]
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
[B]ClamAV 0.94.1 2009.08.03 Trojan.Downloader-73889[/B]
Comodo 1849 2009.08.03 -
DrWeb 5.0.0.12182 2009.08.03 -
[B]eSafe 7.0.17.0 2009.07.30 Suspicious File[/B]
eTrust-Vet 31.6.6655 2009.08.03 -
[B]F-Prot 4.4.4.56 2009.08.02 W32/Downldr2.GAZE[/B]
F-Secure 8.0.14470.0 2009.08.03 -
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
Jiangmin 11.0.800 2009.08.03 -
K7AntiVirus 7.10.808 2009.08.01 -
Kaspersky 7.0.0.125 2009.08.03 -
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Trojan.Dldr.Banload.zdt[/B]
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.07.31 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.02 -
PCTools 4.4.2.0 2009.08.02 -
Prevx 3.0 2009.08.03 -
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
[B]VirusBuster 4.6.5.0 2009.08.02 Trojan.DL.Banload.ASKT[/B]
[/QUOTE]
Additional information
File size: 102200 bytes
MD5...: 244dc79fd7fe3eafc2570c58a16a1663
SHA1..: 97b927b350e485adf400956620c85476973cf1dd
SHA256: 634f850fcf1c58c008101fd2075eb6ea7ae843df508904a3615e7a3770eb3a4c
ssdeep: 1536:5YNQ+cdiUBjyWgp0oNmFqXmOWRDOib6aqkSZZZ3EPGGul5tzZWOLyfDy4cD
2IDMv:5yUBjy5OFvOWRDbbNUEPozbwDyNyID9e
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x21d00
timedatestamp.....: 0x44e24a66 (Tue Aug 15 22:27:50 2006)
machinetype.......: 0x14c (I386)
File reiting.exe received on 2009.08.03 11:45:01 (UTC)
Current status: finished
Result: 35/41 (85.37%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.03 Trojan.Win32.Qhost!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 TR/Qhost.lmb[/B]
[B]Antiy-AVL 2.0.3.7 2009.08.03 Trojan/Win32.Qhost.gen[/B]
[B]Authentium 5.1.2.4 2009.08.02 W32/Trojan2.HKKZ[/B]
[B]Avast 4.8.1335.0 2009.08.02 Win32:Trojan-gen {Other}[/B]
[B]AVG 8.5.0.406 2009.08.03 Generic13.AHII[/B]
[B]BitDefender 7.2 2009.08.03 Trojan.Generic.1910797[/B]
[B]CAT-QuickHeal 10.00 2009.08.03 Trojan.Qhost.lmb[/B]
ClamAV 0.94.1 2009.08.03 -
[B]Comodo 1849 2009.08.03 TrojWare.Win32.Qhost.lmb[/B]
[B]DrWeb 5.0.0.12182 2009.08.03 Trojan.MulDrop.31260[/B]
[B]eSafe 7.0.17.0 2009.07.30 Win32.TRQhost.Lmb[/B]
eTrust-Vet 31.6.6655 2009.08.03 -
[B]F-Prot 4.4.4.56 2009.08.02 W32/Trojan2.HKKZ[/B]
[B]F-Secure 8.0.14470.0 2009.08.03 Trojan.Win32.Qhost.lmb[/B]
[B]Fortinet 3.120.0.0 2009.08.03 W32/Qhost.LMB!tr[/B]
[B]GData 19 2009.08.03 Trojan.Generic.1910797[/B]
[B]Ikarus T3.1.1.64.0 2009.08.03 Trojan.Win32.Qhost[/B]
[B]Jiangmin 11.0.800 2009.08.03 Trojan/Qhost.tb[/B]
[B]K7AntiVirus 7.10.808 2009.08.01 Trojan.Win32.Qhost.lmb[/B]
[B]Kaspersky 7.0.0.125 2009.08.03 Trojan.Win32.Qhost.lmb[/B]
[B]McAfee 5696 2009.08.02 Generic Dropper!q[/B]
[B]McAfee+Artemis 5696 2009.08.02 Generic Dropper!q[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.BehavesLike.Win32.ModifiedUPX.B!92[/B]
[B]Microsoft 1.4903 2009.08.03 Trojan:Win32/Qhost.AY[/B]
[B]NOD32 4300 2009.08.03 Win32/Qhost.NJO[/B]
Norman 6.01.09 2009.07.31 -
[B]nProtect 2009.1.8.0 2009.08.03 Trojan/W32.Qhost.19968.E[/B]
[B]Panda 10.0.0.14 2009.08.03 Trj/Spambot.C[/B]
PCTools 4.4.2.0 2009.08.02 -
[B]Prevx 3.0 2009.08.03 High Risk Cloaked Malware[/B]
[B]Rising 21.41.02.00 2009.08.03 Dropper.Win32.Agent.zrh[/B]
[B]Sophos 4.44.0 2009.08.03 Mal/Generic-A[/B]
[B]Sunbelt 3.2.1858.2 2009.08.03 Bulk Trojan[/B]
[B]Symantec 1.4.4.12 2009.08.03 Trojan.SpamThru[/B]
[B]TheHacker 6.3.4.3.375 2009.08.01 Trojan/Qhost.lmb[/B]
[B]TrendMicro 8.950.0.1094 2009.08.03 TROJ_QHOST.TR[/B]
[B]VBA32 3.12.10.9 2009.08.03 Trojan.Win32.Qhost.lmb[/B]
ViRobot 2009.8.3.1865 2009.08.03 -
[B]VirusBuster 4.6.5.0 2009.08.02 Trojan.Qhost.BBF[/B][/QUOTE]
Additional information
File size: 19968 bytes
MD5...: 280619caade6d10b81fe8c5657dd6bdd
SHA1..: 6d00a4af9c39b7c5cb5cbaceb2b363cc6fcd1392
SHA256: b290b5c559729fd65e80dfd1063ded37958fc0ccaa7b6442afae0f38127601ae
ssdeep: 384:Iw4VGlwmBBO1IfXxZxyNVyTI7Uhy150stdRIyMaNJawcudoD7Uvm7P:rmmBI
IfDcVj15v3jFnbcuyD7UM
PEiD..: UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xe360
timedatestamp.....: 0x49f46a61 (Sun Apr 26 14:06:25 2009)
machinetype.......: 0x14c (I386)
[url]http://info.prevx.com/aboutprogramtext.asp?PX5=FB511439005A5F2E4E92001AAC5101008711BF73[/url]
-
File avz00001.dta received on 2009.08.03 13:31:49 (UTC)
Current status: finished
Result: 10/41 (24.4%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.03 -
AhnLab-V3 5.0.0.2 2009.08.01 -
[B]AntiVir 7.9.0.238 2009.08.03 TR/Buzus.brhg[/B]
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
AVG 8.5.0.406 2009.08.03 -
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
Comodo 1850 2009.08.03 -
[B]DrWeb 5.0.0.12182 2009.08.03 Win32.HLLW.Autoruner.7323[/B]
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
[B]F-Secure 8.0.14470.0 2009.08.03 Trojan.Win32.Buzus.brhg
Fortinet 3.120.0.0 2009.08.03 W32/Buzus.BRHG!tr[/B]
GData 19 2009.08.03 -
Ikarus T3.1.1.64.0 2009.08.03 -
[B]Jiangmin 11.0.800 2009.08.03 Trojan/Buzus.nwc[/B]
K7AntiVirus 7.10.808 2009.08.01 -
[B]Kaspersky 7.0.0.125 2009.08.03 Trojan.Win32.Buzus.brhg[/B]
McAfee 5696 2009.08.02 -
McAfee+Artemis 5696 2009.08.02 -
[B]McAfee-GW-Edition 6.8.5 2009.08.03 Heuristic.LooksLike.Worm.Kolab.B[/B]
Microsoft 1.4903 2009.08.03 -
NOD32 4300 2009.08.03 -
Norman 6.01.09 2009.08.03 -
nProtect 2009.1.8.0 2009.08.03 -
[B]Panda 10.0.0.14 2009.08.03 Trj/Buzus.HA[/B]
PCTools 4.4.2.0 2009.08.03 -
[B]Prevx 3.0 2009.08.03 High Risk Cloaked Malware[/B]
Rising 21.41.02.00 2009.08.03 -
Sophos 4.44.0 2009.08.03 -
Sunbelt 3.2.1858.2 2009.08.03 -
[B]Symantec 1.4.4.12 2009.08.03 Suspicious.MH690.A[/B]
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
VBA32 3.12.10.9 2009.08.03 -
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 124928 bytes
MD5...: efb23688c0132d7fea66bcb79ad7e383
SHA1..: 1ac8bb94919d7319260313994f8d7edf6298d4a7
SHA256: 8c87381aff84664d84eb160e2c1db4ff96ce620299cebd1e1b566eb15a146456
ssdeep: 1536:SIoXVBOlxvrSXsxhcXw+NeRqk3WZFfPMCVUli9FlH/FzZ9bKG8TIKnY56OU
MhyHr:oXzXBNEeZFXMto9FlHXxKG8TIipHKP
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/8c87381aff84664d84eb160e2c1db4ff96ce620299cebd1e1b566eb15a146456-1249306309[/url]
File avz00002.dta received on 2009.08.03 13:32:20 (UTC)
Current status: finished
Result: 13/41 (31.71%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.03 Net-Worm.Win32.Kolab!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.01 -
AntiVir 7.9.0.238 2009.08.03 -
Antiy-AVL 2.0.3.7 2009.08.03 -
Authentium 5.1.2.4 2009.08.02 -
Avast 4.8.1335.0 2009.08.02 -
[B]AVG 8.5.0.406 2009.08.03 Injector.FF[/B]
BitDefender 7.2 2009.08.03 -
CAT-QuickHeal 10.00 2009.08.03 -
ClamAV 0.94.1 2009.08.03 -
[B]Comodo 1850 2009.08.03 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.03 Trojan.MulDrop.33045[/B]
eSafe 7.0.17.0 2009.07.30 -
eTrust-Vet 31.6.6655 2009.08.03 -
F-Prot 4.4.4.56 2009.08.02 -
[B]F-Secure 8.0.14470.0 2009.08.03 Net-Worm.Win32.Kolab.dft[/B]
Fortinet 3.120.0.0 2009.08.03 -
GData 19 2009.08.03 -
[B]Ikarus T3.1.1.64.0 2009.08.03 Net-Worm.Win32.Kolab
Jiangmin 11.0.800 2009.08.03 Worm/Kolab.ro[/B]
K7AntiVirus 7.10.808 2009.08.01 -
[B]Kaspersky 7.0.0.125 2009.08.03 Net-Worm.Win32.Kolab.dft[/B]
McAfee 5696 2009.08.02 -
[B]McAfee+Artemis 5696 2009.08.02 Artemis!8E10307F9B48[/B]
McAfee-GW-Edition 6.8.5 2009.08.03 -
Microsoft 1.4903 2009.08.03 -
[B]NOD32 4300 2009.08.03 Win32/Injector.UR[/B]
Norman 6.01.09 2009.08.03 -
nProtect 2009.1.8.0 2009.08.03 -
Panda 10.0.0.14 2009.08.03 -
PCTools 4.4.2.0 2009.08.03 -
[B]Prevx 3.0 2009.08.03 High Risk Cloaked Malware[/B]
Rising 21.41.02.00 2009.08.03 -
[B]Sophos 4.44.0 2009.08.03 Mal/Generic-A[/B]
Sunbelt 3.2.1858.2 2009.08.03 -
Symantec 1.4.4.12 2009.08.03 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.03 -
[B]VBA32 3.12.10.9 2009.08.03 Net-Worm.Win32.Kolab.deo[/B]
ViRobot 2009.8.3.1865 2009.08.03 -
VirusBuster 4.6.5.0 2009.08.02 -[/QUOTE]
Additional information
File size: 84992 bytes
MD5...: 8e10307f9b4879a45b86ddda9ab74884
SHA1..: 8f4c38ba2059a87cdcf5ff7e5027dbffa1b01c8c
SHA256: aa531a0162ff09b4219259988a81a684e0b8c3523159a97c9d828ceb4f7bc31b
ssdeep: 1536:C+YDy1fv/pHysT4II5UgVM7b9jA3UHvdNZMmcOr2MXlG:CnyhvBywPgVM7b
FqyVNZME1XlG
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/aa531a0162ff09b4219259988a81a684e0b8c3523159a97c9d828ceb4f7bc31b-1249306340[/url]
-
File load.exe received on 2009.08.04 20:04:22 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.04 -
AhnLab-V3 5.0.0.2 2009.08.04 -
AntiVir 7.9.0.240 2009.08.04 -
Antiy-AVL 2.0.3.7 2009.08.04 -
Authentium 5.1.2.4 2009.08.04 -
Avast 4.8.1335.0 2009.08.04 -
AVG 8.5.0.406 2009.08.04 -
BitDefender 7.2 2009.08.04 -
CAT-QuickHeal 10.00 2009.08.04 -
ClamAV 0.94.1 2009.08.04 -
Comodo 1865 2009.08.04 -
DrWeb 5.0.0.12182 2009.08.04 -
eSafe 7.0.17.0 2009.08.04 -
eTrust-Vet 31.6.6657 2009.08.04 -
F-Prot 4.4.4.56 2009.08.04 -
F-Secure 8.0.14470.0 2009.08.04 -
Fortinet 3.120.0.0 2009.08.04 -
GData 19 2009.08.04 -
Ikarus T3.1.1.64.0 2009.08.04 -
[B]Jiangmin 11.0.800 2009.08.04 Trojan/Agent.cqwr[/B]
K7AntiVirus 7.10.810 2009.08.04 -
[B]Kaspersky 7.0.0.125 2009.08.04 Trojan.Win32.Inject.ahfu[/B]
McAfee 5698 2009.08.04 -
McAfee+Artemis 5698 2009.08.04 -
[B]McAfee-GW-Edition 6.8.5 2009.08.04 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Trojan.B[/B]
Microsoft 1.4903 2009.08.04 -
[B]NOD32 4306 2009.08.04 Win32/Oficla.D[/B]
Norman 6.01.09 2009.08.04 -
nProtect 2009.1.8.0 2009.08.04 -
Panda 10.0.0.14 2009.08.04 -
PCTools 4.4.2.0 2009.08.04 -
Prevx 3.0 2009.08.04 -
Rising 21.41.14.00 2009.08.04 -
Sophos 4.44.0 2009.08.04 -
Sunbelt 3.2.1858.2 2009.08.04 -
Symantec 1.4.4.12 2009.08.04 -
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.04 -
VBA32 3.12.10.9 2009.08.04 -
ViRobot 2009.8.4.1867 2009.08.04 -
VirusBuster 4.6.5.0 2009.08.04 -[/QUOTE]
Additional information
File size: 19456 bytes
MD5...: 3a96e2c81dfe1e59bb805e0496fe4469
SHA1..: 70e8c60a07752d4c68f37f832e08f84d1c33d491
SHA256: f5a40dbe7b81c5b5d703481d6169f4cec5edaf3c7a40d1b23da528f4100d103d
ssdeep: 384:1C5Km3pW2PFV9JKAQjfiKQYXnH22wtEWZCF:1C5KmZhrKzjaDQUy
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.2%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.6%)
DOS Executable Generic (13.6%)
VXD Driver (0.2%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/f5a40dbe7b81c5b5d703481d6169f4cec5edaf3c7a40d1b23da528f4100d103d-1249416262[/url]
File pdf.pdf received on 2009.08.04 20:04:46 (UTC)
Current status: finished
Result: 7/41 (17.08%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.04 -
AhnLab-V3 5.0.0.2 2009.08.04 -
AntiVir 7.9.0.240 2009.08.04 -
Antiy-AVL 2.0.3.7 2009.08.04 -
Authentium 5.1.2.4 2009.08.04 -
[B]Avast 4.8.1335.0 2009.08.04 JS:Pdfka-MM[/B]
AVG 8.5.0.406 2009.08.04 -
BitDefender 7.2 2009.08.04 -
CAT-QuickHeal 10.00 2009.08.04 -
ClamAV 0.94.1 2009.08.04 -
[B]Comodo 1865 2009.08.04 Exploit.JS.Agent.~AB[/B]
DrWeb 5.0.0.12182 2009.08.04 -
eSafe 7.0.17.0 2009.08.04 -
eTrust-Vet 31.6.6657 2009.08.04 -
F-Prot 4.4.4.56 2009.08.04 -
F-Secure 8.0.14470.0 2009.08.04 -
Fortinet 3.120.0.0 2009.08.04 -
[B]GData 19 2009.08.04 JS:Pdfka-MM[/B]
Ikarus T3.1.1.64.0 2009.08.04 -
Jiangmin 11.0.800 2009.08.04 -
K7AntiVirus 7.10.810 2009.08.04 -
Kaspersky 7.0.0.125 2009.08.04 -
McAfee 5698 2009.08.04 -
McAfee+Artemis 5698 2009.08.04 -
[B]McAfee-GW-Edition 6.8.5 2009.08.04 Exploit.PDF.Recursedecrypt.gen[/B]
Microsoft 1.4903 2009.08.04 -
NOD32 4306 2009.08.04 -
Norman 6.01.09 2009.08.04 -
nProtect 2009.1.8.0 2009.08.04 -
Panda 10.0.0.14 2009.08.04 -
PCTools 4.4.2.0 2009.08.04 -
Prevx 3.0 2009.08.04 -
Rising 21.41.14.00 2009.08.04 -
[B]Sophos 4.44.0 2009.08.04 Mal/PdfEx-C
Sunbelt 3.2.1858.2 2009.08.04 Exploit.PDF-JS.Gen (v)
Symantec 1.4.4.12 2009.08.04 Bloodhound.Exploit.196[/B]
TheHacker 6.3.4.3.375 2009.08.01 -
TrendMicro 8.950.0.1094 2009.08.04 -
VBA32 3.12.10.9 2009.08.04 -
ViRobot 2009.8.4.1867 2009.08.04 -
VirusBuster 4.6.5.0 2009.08.04 -[/QUOTE]
Additional information
File size: 2959 bytes
MD5...: 737579946352e88a6cb5d54ec102f566
SHA1..: 6853889e94b032db748edd5861b68d75258e30a2
SHA256: cfe1749cf2954e45c84bf75dd2fea339555b259d78bb542d512299cbe50bc260
ssdeep: 48:FuENYPNRgS+K5vkwzjYHSDTqG3LMlUJ7IAOBvod0rLNvSOChWAdXYCOzZzEDN
Kf6:cENY1RgNK5swzz+G3wOJ8tpod+qOChdD
PEiD..: -
TrID..: File type identification
Adobe Portable Document Format (100.0%)
PEInfo: -
[url]http://www.virustotal.com/ru/analisis/cfe1749cf2954e45c84bf75dd2fea339555b259d78bb542d512299cbe50bc260-1249416286[/url]
-
File update.exe received on 2009.08.06 10:00:53 (UTC)
Current status: finished
Result: 22/41 (53.66%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.Win32.Bredolab!IK
AhnLab-V3 5.0.0.2 2009.08.06 Win-Trojan/Downloader.30208.BX
AntiVir 7.9.0.240 2009.08.06 BDS/Zdoogu.FA
Antiy-AVL 2.0.3.7 2009.08.05 Backdoor/Win32.Zdoogu.gen[/B]
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
[B]AVG 8.5.0.406 2009.08.06 SHeur2.AUGF[/B]
BitDefender 7.2 2009.08.06 -
[B]CAT-QuickHeal 10.00 2009.08.06 (Suspicious) - DNAScan[/B]
ClamAV 0.94.1 2009.08.06 -
[B]Comodo 1884 2009.08.06 TrojWare.Win32.TrojanSpy.Zbot.~GAI[/B]
DrWeb 5.0.0.12182 2009.08.06 -
[B]eSafe 7.0.17.0 2009.08.05 Suspicious File[/B]
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
[B]F-Secure 8.0.14470.0 2009.08.06 Backdoor.Win32.Zdoogu.fa
Fortinet 3.120.0.0 2009.08.06 W32/Zdoogu.FA!tr.bdr[/B]
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.Win32.Bredolab[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.811 2009.08.05 -
[B]Kaspersky 7.0.0.125 2009.08.06 Backdoor.Win32.Zdoogu.fa[/B]
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!424760B62B81
McAfee-GW-Edition 6.8.5 2009.08.06 Trojan.Backdoor.Zdoogu.FA
Microsoft 1.4903 2009.08.06 TrojanDownloader:Win32/Bredolab.X
NOD32 4311 2009.08.06 a variant of Win32/Kryptik.ZY[/B]
Norman 6.01.09 2009.08.06 -
[B]nProtect 2009.1.8.0 2009.08.06 Backdoor/W32.Zdoogu.30208.B
Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.05 -
[B]Prevx 3.0 2009.08.06 High Risk Cloaked Malware[/B]
Rising 21.41.32.00 2009.08.06 -
[B]Sophos 4.44.0 2009.08.06 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.08.05 Bulk Trojan
Symantec 1.4.4.12 2009.08.06 Packed.Generic.235[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 30208 bytes
MD5...: 424760b62b811166b318e1200734be32
SHA1..: d1e2f80afdcd407eba63943cca789d3be075a484
SHA256: 6b4e3937cca31eca5b1b724ac27eccdd9a62f273b1f4668cebe909a9da36eb90
ssdeep: 384:91+mSCAkKT0W8kVuAxNVtqfUVas0cW/87GD+XECSQSuuQQYcMsmhCSd4jdeg
bRe/:98/rRbtq9QWk7GDz30QYJBGjjbpG5
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/6b4e3937cca31eca5b1b724ac27eccdd9a62f273b1f4668cebe909a9da36eb90-1249552853[/url]
File xpdeluxe.exe received on 2009.08.06 10:01:34 (UTC)
Current status: finished
Result: 24/41 (58.54%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan.Win32.FakeRean!IK
AhnLab-V3 5.0.0.2 2009.08.06 Win-Trojan/FakeAlert.1225728
AntiVir 7.9.0.240 2009.08.06 TR/FakeRean.A.45[/B]
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
[B]Avast 4.8.1335.0 2009.08.06 Win32:Fraudo[/B]
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 [B]ApplicUnwnt.Win32.FraudTool.XPDeluxeProtector.~B[/B]
DrWeb 5.0.0.12182 2009.08.06 -
[B]eSafe 7.0.17.0 2009.08.05 Win32.TrojanFakeRean[/B]
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
[B]F-Secure 8.0.14470.0 2009.08.06 FraudTool.Win32.XPDeluxeProtector.e
Fortinet 3.120.0.0 2009.08.06 W32/FakeAlert.D!tr[/B]
GData 19 2009.08.06 Win32:Fraudo
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan.Win32.FakeRean[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus [B]7.10.811 2009.08.05 Trojan.Win32.Malware.1[/B]
[B]Kaspersky 7.0.0.125 2009.08.06 not-a-virus:FraudTool.Win32.XPDeluxeProtector.e[/B]
[B]McAfee 5699 2009.08.05 Generic FakeAlert.d!gen
McAfee+Artemis 5699 2009.08.05 Generic FakeAlert.d!gen
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.LooksLike.Worm.Wangy.H
Microsoft 1.4903 2009.08.06 Trojan:Win32/FakeRean
NOD32 4311 2009.08.06 Win32/Adware.WinPCDefender[/B]
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
[B]Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.05 -
[B]Prevx 3.0 2009.08.06 High Risk Cloaked Malware
Rising 21.41.32.00 2009.08.06 Trojan.Win32.FakeVir.rd
Sophos 4.44.0 2009.08.06 Mal/EncPk-IF
Sunbelt 3.2.1858.2 2009.08.05 FraudTool.Win32.RogueSecurity (v)
Symantec 1.4.4.12 2009.08.06 Packed.Generic.233[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
[B]VirusBuster 4.6.5.0 2009.08.05 Trojan.FakeRean.Gen[/B][/QUOTE]
Additional information
File size: 1225728 bytes
MD5...: 307e6d02ed26ff516827c6469401456e
SHA1..: 2b04ca909c2f862b8c730f4ff89be4edaa3a5673
SHA256: f1234e05df628d43db8b41e92b4ceac19a1bd9996ced88ab94c7383d7772ea09
ssdeep: 24576:0kZ67bkLe3HCGB5agRMvvsknKfqLYC1WEFNIcypeWWqxapxRd1+0:V67bY
4sgRKTnAXWNPdD
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/f1234e05df628d43db8b41e92b4ceac19a1bd9996ced88ab94c7383d7772ea09-1249552894[/url]
[size="1"][color="#666686"][B][I]Added 28 minutes later[/I][/B][/color][/size]
I just fished these two files out of my own machine. Looks like they were trying to do something to me.
File avz00001.dta received on 2009.08.06 10:15:14 (UTC)
Current status: finished
Result: 11/41 (26.83%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan.Win32.Refroso!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
[B]Antiy-AVL 2.0.3.7 2009.08.05 Trojan/Win32.Refroso.gen[/B]
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 Generic14.PPK
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 -
[B]DrWeb 5.0.0.12182 2009.08.06 Trojan.MulDrop.33183[/B]
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan.Win32.Refroso
Jiangmin 11.0.800 2009.08.06 Trojan/Refroso.fv[/B]
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 -
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!4FF8880DC2FF[/B]
McAfee-GW-Edition 6.8.5 2009.08.06 -
[B]Microsoft 1.4903 2009.08.06 VirTool:Win32/Injector.gen!AD[/B]
NOD32 4311 2009.08.06 -
[B]Norman 6.01.09 2009.08.06 W32/Malware[/B]
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.05 -
PCTools 4.4.2.0 2009.08.05 -
[B]Prevx 3.0 2009.08.06 Medium Risk Malware[/B]
Rising 21.41.32.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.05 -
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
[B]VBA32 3.12.10.9 2009.08.06 Trojan-Downloader.Win32.Agent.ckvv[/B]
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 300032 bytes
MD5 : 4ff8880dc2ff94dd6d04e16b18d7c073
SHA1 : 294a06c988efc569a4165e56e6092a765f8c2c4c
SHA256: a88eda6dd4c1096bacd6ecc1170e4a71349b6f94e66b23ac6bce7d25ed5905e6
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x439A
timedatestamp.....: 0x4A6FBC08 (Wed Jul 29 05:03:36 2009)
machinetype.......: 0x14C (Intel I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x357E 0x3600 5.76 6eaaccffcc4851eee5cf1357ee38bba1
.rdata 0x5000 0x8BA 0xA00 4.74 cf673cbdc6fd492858e8da108b3743da
.data 0x6000 0xB74 0x800 6.12 9cf3a4d11527acea903610620162d3e2
.rsrc 0x7000 0x44780 0x44800 7.78 f8e0f63f93948b8b5eed39e6a0a3886f
[url]http://www.virustotal.com/ru/analisis/a88eda6dd4c1096bacd6ecc1170e4a71349b6f94e66b23ac6bce7d25ed5905e6-1249553714[/url]
File 85.rar received on 2009.08.06 10:34:49 (UTC)
Current status: finished
Result: 9/41 (21.96%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Spammer!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
[B]AVG 8.5.0.406 2009.08.06 SHeur2.AUTZ[/B]
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1884 2009.08.06 -
[B]DrWeb 5.0.0.12182 2009.08.06 Trojan.Spambot.3531[/B]
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6661 2009.08.06 -
F-Prot 4.4.4.56 2009.08.05 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Spammer[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.811 2009.08.05 -
Kaspersky 7.0.0.125 2009.08.06 -
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!5A62D71884FA[/B]
McAfee-GW-Edition 6.8.5 2009.08.06 -
[B]Microsoft 1.4903 2009.08.06 Spammer:Win32/Tedroo.I[/B]
NOD32 4311 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
[B]Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.05 -
Prevx 3.0 2009.08.06 -
[B]Rising 21.41.32.00 2009.08.06 Unknown Win32 Virus[/B]
Sophos 4.44.0 2009.08.06 -
[B]Sunbelt 3.2.1858.2 2009.08.05 Bulk Trojan[/B]
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 45501 bytes
MD5...: 51cec740816a99f5cd1171243f74f9ae
SHA1..: cd1c8244cee634d88f6d274130aeaa604af4d059
SHA256: 92e71c4abb60c51bd5e197148d22512a3fcc83e87eade49958784c4ff3b1315d
ssdeep: 768:az2T5ey7hQKBauUNuOkPnkUu6M6aNvoVpgRwVmHuG3Tqc/KiLUO/10VAQ987
yw04:K2IIouOSkUudwVORbTjj7LU616AD7304
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/92e71c4abb60c51bd5e197148d22512a3fcc83e87eade49958784c4ff3b1315d-1249554889[/url]
[size="1"][color="#666686"][B][I]Added 4 hours 26 minutes later[/I][/B][/color][/size]
Some other nasty thing was also sitting in the Windows folder.
File tapi.nfo received on 2009.08.06 15:00:28 (UTC)
Current status: finished
Result: 14/41 (34.15%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.Win32.Small!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
[B]AntiVir 7.9.0.240 2009.08.06 TR/Dldr.Small.alyr[/B]
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
[B]AVG 8.5.0.406 2009.08.06 Downloader.Generic8.BFZA[/B]
BitDefender 7.2 2009.08.06 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1887 2009.08.06 -
DrWeb 5.0.0.12182 2009.08.06 -
eSafe 7.0.17.0 2009.08.05 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
[B]F-Secure 8.0.14470.0 2009.08.06 Trojan-Downloader.Win32.Small.alyr
Fortinet 3.120.0.0 2009.08.06 W32/Small.ALYR!tr.dldr[/B]
GData 19 2009.08.06 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.Win32.Small
Jiangmin 11.0.800 2009.08.06 TrojanDownloader.Small.amya[/B]
K7AntiVirus 7.10.811 2009.08.05 -
[B]Kaspersky 7.0.0.125 2009.08.06 Trojan-Downloader.Win32.Small.alyr[/B]
McAfee 5699 2009.08.05 -
[B]McAfee+Artemis 5699 2009.08.05 Artemis!AED17B841272
McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.LooksLike.Win32.Small.L[/B]
Microsoft 1.4903 2009.08.06 -
[B]NOD32 4312 2009.08.06 Win32/Oficla.A[/B]
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
[B]Panda 10.0.0.14 2009.08.05 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.06 -
[B]Rising 21.41.34.00 2009.08.06 Trojan.DL.Win32.Undef.gds[/B]
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
[B]Symantec 1.4.4.12 2009.08.06 SecurityRisk.Downldr[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.05 -[/QUOTE]
Additional information
File size: 24576 bytes
MD5...: aed17b841272d835657a5c32f18e7046
SHA1..: c02cbfa8887016e74bb46dcafae238b4a5b7764a
SHA256: a704cf809922c83764c9575520237b746bca99dc373a9081569515b158823f6a
ssdeep: 384:5JtXqCog7f+9A31rhs+OgQN0On16SZTXkGT5:/QCV7W9Q5hs+uyO16Irp
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/a704cf809922c83764c9575520237b746bca99dc373a9081569515b158823f6a-1249570828[/url]
[size="1"][color="#666686"][B][I]Added 7 hours 16 minutes later[/I][/B][/color][/size]
File VK.exe received on 2009.08.06 22:18:58 (UTC)
Current status: finished
Result: 11/41 (26.83%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.06 Trojan.BAT.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
[B]DrWeb 5.0.0.12182 2009.08.06 Trojan.Hosts.52
eSafe 7.0.17.0 2009.08.06 Suspicious File[/B]
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
[B]F-Secure 8.0.14470.0 2009.08.06 Trojan.BAT.Qhost.eu[/B]
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan.BAT.Agent[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
[B]Kaspersky 7.0.0.125 2009.08.06 Trojan.BAT.Qhost.eu[/B]
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.Win32.ModifiedUPX.B!92
Microsoft 1.4903 2009.08.06 Trojan:Win32/Qhost.AY[/B]
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
[B]Rising 21.41.34.00 2009.08.06 Dropper.Win32.Agent.zrh
Sophos 4.44.0 2009.08.06 Sus/Dropper-A[/B]
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.06 -
TheHacker 6.3.4.3.377 2009.08.05 -
[B]TrendMicro 8.950.0.1094 2009.08.06 PAK_Generic.001[/B]
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 19968 bytes
MD5...: 55555d8215040c839dcfc2dc1f6da85e
SHA1..: facd21a1be7ac500d2b46826b5fdbaf137f9de3b
SHA256: bd2776b7e17307c480158cfed0c0c3e58a131e7fe78bacfc10938f2541429f9c
ssdeep: 384:4I38pS558OMoXvzRpKAQ9iJs3s/C20qEMu5OcZvjMaNJawcudoD7URm7P:4I
LpMSTQ9G1xhENBFnbcuyD7UW
PEiD..: UPX 2.93 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Win32 Executable Generic (67.8%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
VXD Driver (0.2%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/bd2776b7e17307c480158cfed0c0c3e58a131e7fe78bacfc10938f2541429f9c-1249597138[/url]
-
File 2b04b15c6dc0c9edef7465ed1bf017e1. received on 2009.08.06 23:27:21 (UTC)
Current status: finished
Result: 1/41 (2.44%)
[QUOTE]a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A[/B]
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 13248 bytes
MD5...: ea0f2de6ce677356786b3a67cb2596a9
SHA1..: 9e6c4a136c0eb9baebb52e55503a333af899a456
SHA256: 95401cfba6b4c34d077d3b8d90ff651f3f7a2b76a09bd5b03337f66654243379
ssdeep: 192:ojs8orZws8oZs8oXs8orL7qWdrkjXE/p4b0jxQ8Oe8DKpHpeMlbaKWoC2Z:o
jYuYZYXYruE/iAje8Oe8DoIszWoHZ
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
File ajfv8x0.gif received on 2009.08.06 23:27:33 (UTC)
Current status: finished
Result: 10/41 (24.4%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.JS.Small!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
[B]Antiy-AVL 2.0.3.7 2009.08.05 Trojan/JS.Agent[/B]
Authentium 5.1.2.4 2009.08.06 -
[B]Avast 4.8.1335.0 2009.08.06 JS:Redirector-N[/B]
AVG 8.5.0.406 2009.08.06 -
[B]BitDefender 7.2 2009.08.07 Trojan.Downloader.JS.Small.NBJ[/B]
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
[B]F-Secure 8.0.14470.0 2009.08.06 Trojan-Downloader.JS.Agent.ehp[/B]
Fortinet 3.120.0.0 2009.08.06 -
[B]GData 19 2009.08.07 Trojan.Downloader.JS.Small.NBJ[/B]
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.JS.Small[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
[B]Kaspersky 7.0.0.125 2009.08.07 Trojan-Downloader.JS.Agent.ehp[/B]
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.06 -
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
[B]Sophos 4.44.0 2009.08.06 Mal/JSRedir-A[/B]
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
[B]TrendMicro 8.950.0.1094 2009.08.06 JS_AGENT.AYCL[/B]
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 935 bytes
MD5...: d99614b0195a1e3491090d66ea6a6a20
SHA1..: 1224e11dfc4f88a71111605f1d2386df252bb8ee
SHA256: f3effcf48ba88e820ee32682a1fd346e8512b77977064561a84c0bb2c757e5cd
ssdeep: 24:xQdgdz/FsjtsbJYgIdrLujRRq62fmFn6RxNRQ5f:tt2tsbJudrLujRR0fen6b
Nmp
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
File allgood.html received on 2009.08.06 23:27:39 (UTC)
Current status: finished
Result: 1/41 (2.44%)
[QUOTE]a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A[/B]
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -
[/QUOTE]
Additional information
File size: 1881 bytes
MD5...: a4be19704907b0c1c733697eb0553016
SHA1..: d57376f8a1110ab96a6e903341a82fff9f00bc8c
SHA256: d72cc17350fe4c78b37dfeb02b30ea39a22e6a3e505429ccff435fc6fc549d97
ssdeep: 24:Wug+5+VXnI2879tLyIlfFu+8MRFnGplUl81qJjPGDbHpWFnGplUl81qJjPGhy
9sH:Ng+5WT8/RJFGpWu0RuXQFGpWu0RuVgLi
PEiD..: -
TrID..: File type identification
HyperText Markup Language with DOCTYPE (80.6%)
HyperText Markup Language (19.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
File conf.php received on 2009.08.06 23:27:44 (UTC)
Current status: finished
Result: 1/41 (2.44%)
[QUOTE]a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
AntiVir 7.9.0.240 2009.08.06 -
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.D[/B]
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 14305 bytes
MD5...: 139f99f9b013e39a0d58d073ffb138df
SHA1..: a3d140357b66fe49be8088b47dde917752dc7fed
SHA256: d1c1dfa510a42d745137e27641eb3558edfaf741f7a8f8434db44c848d5c6b6d
ssdeep: 192://RIcQYaPAc4G8ycHmFHZjPg0H7QHYJHelEHDHMYcm0rexpHbgtT9K911ZxF
AwOR:+xocf8yfDj4J5KvCns1PLjMmySWdOwFR
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
[size="1"][color="#666686"][B][I]Added 14 minutes later[/I][/B][/color][/size]
File 12345 received on 2009.08.06 23:42:55 (UTC)
Current status: finished
Result: 7/41 (17.08%)
[QUOTE]a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
[B]AntiVir 7.9.0.240 2009.08.06 HTML/Infected.WebPage.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
[B]BitDefender 7.2 2009.08.07 Trojan.JS.IFrame.ACM[/B]
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
[B]eSafe 7.0.17.0 2009.08.06 JS.Agent.jy[/B]
[B]eTrust-Vet 31.6.6662 2009.08.06 JS/Psyme!generic[/B]
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
[B]GData 19 2009.08.07 Trojan.JS.IFrame.ACM[/B]
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.Script.Infected.WebPage[/B]
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
[B]TrendMicro 8.950.0.1094 2009.08.06 Mal_Hifrm-2[/B]
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 3576 bytes
MD5...: fd392a21cf8fa9ed0ebbd5a1780394ef
SHA1..: 7f1eda3a1d5e7ee511ec0d12583ce486eaf18cb9
SHA256: 29ad52546255df0264f9697470de50bdb81ee5d9b5f41e2f4b93aef8009f15b5
ssdeep: 96:TsjE0GkRv1DMrA1B//Bu/tSJCmWVj7kI4:TPw4xma8
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
File 54321 received on 2009.08.06 23:43:02 (UTC)
Current status: finished
Result: 22/41 (53.66%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.06 Trojan-Downloader.JS.Psyme!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.06 -
[B]AntiVir 7.9.0.240 2009.08.06 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
[B]Avast 4.8.1335.0 2009.08.06 HTML:IFrame-BN[/B]
[B]AVG 8.5.0.406 2009.08.06 HTML/Framer[/B]
[B]BitDefender 7.2 2009.08.07 Trojan.JS.IFrame.ACM[/B]
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
[B]DrWeb 5.0.0.12182 2009.08.07 Trojan.Click.21021[/B]
[B]eSafe 7.0.17.0 2009.08.06 JS.Agent.jy[/B]
[B]eTrust-Vet 31.6.6662 2009.08.06 JS/Psyme!generic[/B]
F-Prot 4.4.4.56 2009.08.06 -
[B]F-Secure 8.0.14470.0 2009.08.06 Trojan-Clicker.HTML.IFrame.ey[/B]
[B]Fortinet 3.120.0.0 2009.08.06 JS/PackObfuscated.B[/B]
[B]GData 19 2009.08.07 Trojan.JS.IFrame.ACM[/B]
[B]Ikarus T3.1.1.64.0 2009.08.06 Trojan-Downloader.JS.Psyme[/B]
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
[B]Kaspersky 7.0.0.125 2009.08.07 Trojan-Clicker.HTML.IFrame.ey[/B]
McAfee 5700 2009.08.06 JS/Downloader.gen
McAfee+Artemis 5700 2009.08.06 JS/Downloader.gen
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A[/B]
[B]Microsoft 1.4903 2009.08.06 TrojanDownloader:JS/Psyme.gen[/B]
[B]NOD32 4313 2009.08.06 HTML/TrojanClicker.Iframe.GT.gen[/B]
[B]Norman 6.01.09 2009.08.06 JS/Psyme.AE[/B]
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
[B]Sophos 4.44.0 2009.08.06 Mal/ObfJS-AB[/B]
Sunbelt 3.2.1858.2 2009.08.06 -
[B]Symantec 1.4.4.12 2009.08.07 Downloader[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
[B]TrendMicro 8.950.0.1094 2009.08.06 Mal_Hifrm-2[/B]
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 4869 bytes
MD5...: 1d937f1928fd7baa18ed30945411c7d7
SHA1..: 63b27b4ecade032625c0dba3719e51d14c8258d7
SHA256: ec65f4c6875add70548464d1e15a1e4721617fd6ced4609cbe21ffe581251082
ssdeep: 96:62XlGH9VXADsKtoBf1q3qSxTwo85QSBOpxoRvPArh5ItUV4CPwUo9KjM28nG6
4Cs:9XlGdVw1tqf1q3qSxTw3OpxoRgrh5CCD
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
File test.html received on 2009.08.06 23:43:09 (UTC)
Current status: finished
Result: 2/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.08.06 -
AhnLab-V3 5.0.0.2 2009.08.06 -
[B]AntiVir 7.9.0.240 2009.08.06 JS/Dldr.Agent.njv[/B]
Antiy-AVL 2.0.3.7 2009.08.05 -
Authentium 5.1.2.4 2009.08.06 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.06 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.06 -
ClamAV 0.94.1 2009.08.06 -
Comodo 1890 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.06 -
F-Secure 8.0.14470.0 2009.08.06 -
Fortinet 3.120.0.0 2009.08.06 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.06 -
Jiangmin 11.0.800 2009.08.06 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
[B]McAfee-GW-Edition 6.8.5 2009.08.06 Heuristic.BehavesLike.JS.CodeUnfolding.A[/B]
Microsoft 1.4903 2009.08.06 -
NOD32 4313 2009.08.06 -
Norman 6.01.09 2009.08.06 -
nProtect 2009.1.8.0 2009.08.06 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.34.00 2009.08.06 -
Sophos 4.44.0 2009.08.06 -
Sunbelt 3.2.1858.2 2009.08.06 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.06 -
VBA32 3.12.10.9 2009.08.06 -
ViRobot 2009.8.6.1871 2009.08.06 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 3138 bytes
MD5...: 9f67e572e494317269489ce607a4e064
SHA1..: befc2278ab801f562e14e0739834a07091571e9a
SHA256: 494f44e540afee905d4fb7721f9002e23c1984e2075fef8cfc107f68a2775b5a
ssdeep: 48:09WdkX3R1sBqhMkSyNAdIcG6WF6WDyO3xyL3jBXItSnSlya6L:4+O3/q1te6W
F6W+O3xyBXItSnSlya6L
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File avz00006.dta received on 2009.08.07 11:04:57 (UTC)
[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.07 -
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
Avast 4.8.1335.0 2009.08.06 -
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
GData 19 2009.08.07 -
Ikarus T3.1.1.64.0 2009.08.07 -
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
[B]NOD32 4314 2009.08.07 a variant of Win32/LockScreen.AY[/B]
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.06 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -[/CODE]
Additional information
File size: 406528 bytes
MD5 : 2a5e2bf462b0b00cb1700b3072b4d9ee
-
File n_1_.pdf received on 2009.08.07 12:05:50 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE]a-squared 4.5.0.24 2009.08.07 -
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
[B]Avast 4.8.1335.0 2009.08.06 JS:Packed-BV[/B]
AVG 8.5.0.406 2009.08.07 -
[B]BitDefender 7.2 2009.08.07 JS.Obfuscated.Gen[/B]
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
[B]GData 19 2009.08.07 JS.Obfuscated.Gen[/B]
Ikarus T3.1.1.64.0 2009.08.07 -
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
[B]NOD32 4314 2009.08.07 PDF/Exploit.Gen[/B]
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
[B]Symantec 1.4.4.12 2009.08.07 Bloodhound.Exploit.213[/B]
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 16260 bytes
MD5...: 9d06e3dc3645d0ba8dee44717fd64e51
SHA1..: 13ccefd919c56a3b95b9b06e661ca7445ae03abc
SHA256: b48a0523f311a5916ab5df67d7a5d04d199ebc0b650daf4e4c2c9fe654365045
ssdeep: 384:jDJz4ULMxLYwa/7SOe9Q9nDeKC+spv/vtzdp5Ls4KdyMQx/Q0r6ySWeG:jDp
/uA/7SNyiKOVtr0mp
PEiD..: -
TrID..: File type identification
Adobe Portable Document Format (100.0%)
PEInfo: -
PDFiD.: PDF Header: %PDF-1.3
obj 6
endobj 6
stream 1
endstream 1
xref 1
trailer 1
startxref 1
/Page 1
/Encrypt 0
/ObjStm 0
/JS 1(1)
/JavaScript 1(1)
/AA 0
/OpenAction 1(1)
/AcroForm 0
/JBIG2Decode 0
/RichMedia 0
RDS...: NSRL Reference Data Set
File n_1_.htm received on 2009.08.07 12:13:29 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.07 Virus.JS.Packed.H!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
[B]Avast 4.8.1335.0 2009.08.06 JS:Packed-BV[/B]
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6662 2009.08.06 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
[B]GData 19 2009.08.07 JS:Packed-BV[/B]
[B]Ikarus T3.1.1.64.0 2009.08.07 Virus.JS.Packed.H[/B]
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
NOD32 4314 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.06 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 6215 bytes
MD5...: f1132074ccdb2675e8dab3d7895e3c60
SHA1..: 8cb4f528bd92ca25a1a155f5e8fdbe405dec1483
SHA256: 3e4a5abd5c2f9be75c437d8e1dae491d7b47f278ff0e20d6f9842fe13a81f37a
ssdeep: 192:FD+ADJwIt6c+E6eq1bTBcYxkQxw6Q6rWOGgnDyFNx:FWcJ6eq1SMtBBD4x
PEiD..: -
TrID..: File type identification
HyperText Markup Language with DOCTYPE (80.6%)
HyperText Markup Language (19.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
They stole the directory names on drive D:\
:(
[size="1"][color="#666686"][B][I]Added 9 minutes later[/I][/B][/color][/size]
File in_1_.htm received on 2009.08.07 12:27:06 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.07 Virus.HTML.Framer!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
[B]Avast 4.8.1335.0 2009.08.06 HTML:Framer-inf[/B]
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6665 2009.08.07 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
[B]GData 19 2009.08.07 HTML:Framer-inf[/B]
[B]Ikarus T3.1.1.64.0 2009.08.07 Virus.HTML.Framer[/B]
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
NOD32 4314 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.07 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 93 bytes
MD5...: 34997809a927cdd2cc6061582e4bfe23
SHA1..: 336df54878b4f3af5f1b9a04358be62a9679c30b
SHA256: b4e3bbcd31a96c663404122645ad3b2879c9527708099a80b6ac0ab763aa50ab
ssdeep: 3:qVZLE5jFHUi9hXGLZCLJuWK+cRH7ZVWA90Nu:qzLE5x0i9Bq89LdyjWAB
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[size="1"][color="#666686"][B][I]Added 3 minutes later[/I][/B][/color][/size]
File n_1_ received on 2009.08.07 12:30:59 (UTC)
Current status: finished
Result: 2/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.08.07 -
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.246 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
[B]Avast 4.8.1335.0 2009.08.06 JS:Packed-BV[/B]
AVG 8.5.0.406 2009.08.07 -
BitDefender 7.2 2009.08.07 -
CAT-QuickHeal 10.00 2009.08.07 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1896 2009.08.07 -
DrWeb 5.0.0.12182 2009.08.07 -
eSafe 7.0.17.0 2009.08.06 -
eTrust-Vet 31.6.6665 2009.08.07 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.07 -
Fortinet 3.120.0.0 2009.08.07 -
[B]GData 19 2009.08.07 JS:Packed-BV[/B]
Ikarus T3.1.1.64.0 2009.08.07 -
Jiangmin 11.0.800 2009.08.07 -
K7AntiVirus 7.10.812 2009.08.06 -
Kaspersky 7.0.0.125 2009.08.07 -
McAfee 5700 2009.08.06 -
McAfee+Artemis 5700 2009.08.06 -
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.07 -
NOD32 4314 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.07 -
Panda 10.0.0.14 2009.08.07 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.07 -
Rising 21.41.43.00 2009.08.07 -
Sophos 4.44.0 2009.08.07 -
Sunbelt 3.2.1858.2 2009.08.07 -
Symantec 1.4.4.12 2009.08.07 -
TheHacker 6.3.4.3.377 2009.08.05 -
TrendMicro 8.950.0.1094 2009.08.07 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.7.1873 2009.08.07 -
VirusBuster 4.6.5.0 2009.08.06 -[/QUOTE]
Additional information
File size: 12434 bytes
MD5...: b04b01b871be8643d6e1b7f2c75bda80
SHA1..: aaac83703200b68e4dfb70df834d6bd14c38314f
SHA256: 701320a039bd1ef1eaf7a7ff265d82678e099360fcefc5df09c15dcd77cdc01b
ssdeep: 192:Jd60GqodVWSRRB/AgKEnybY2hRdVoWXMqbcYtPX24ZUFTc00IPTNArKtAZ:z
60no7RB7ybxqWBfzUSfAsr
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
-
File PivimMiniInstall.exe received on 2009.08.08 11:20:56 (UTC)
Current status: finished
Result: 2/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.08.08 -
AhnLab-V3 5.0.0.2 2009.08.07 -
AntiVir 7.9.0.248 2009.08.07 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.07 -
Avast 4.8.1335.0 2009.08.07 -
AVG 8.5.0.406 2009.08.08 -
BitDefender 7.2 2009.08.08 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1908 2009.08.08 -
DrWeb 5.0.0.12182 2009.08.08 -
[B]eSafe 7.0.17.0 2009.08.06 Suspicious File[/B]
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.07 -
F-Secure 8.0.14470.0 2009.08.08 -
Fortinet 3.120.0.0 2009.08.08 -
GData 19 2009.08.08 -
Ikarus T3.1.1.64.0 2009.08.08 -
Jiangmin 11.0.800 2009.08.08 -
K7AntiVirus 7.10.813 2009.08.07 -
Kaspersky 7.0.0.125 2009.08.08 -
McAfee 5702 2009.08.08 -
[B]McAfee+Artemis 5702 2009.08.08 Suspect-29!38FBAD70A661[/B]
McAfee-GW-Edition 6.8.5 2009.08.07 -
Microsoft 1.4903 2009.08.08 -
NOD32 4316 2009.08.07 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.08 -
Panda 10.0.0.14 2009.08.07 -
PCTools 4.4.2.0 2009.08.07 -
Prevx 3.0 2009.08.08 -
Rising 21.41.52.00 2009.08.08 -
Sophos 4.44.0 2009.08.08 -
Sunbelt 3.2.1858.2 2009.08.08 -
Symantec 1.4.4.12 2009.08.08 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.07 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.07 -[/QUOTE]
Additional information
File size: 285696 bytes
MD5...: 38fbad70a6610a2555db2e4b1d2c34d5
SHA1..: ae9d919fe57d0588813c8a9252e4a4f93db3b7cd
SHA256: e5e189dcfc0e0f15b117ad30a702aa50b3d1cd8e8a229dbb197bdb9289081186
ssdeep: 6144:MsdFcFYy8XbFxrokvId2175zeeXrS4fEo:MpojvIdO5zeeXrSF
PEiD..: -
TrID..: File type identification
UPX compressed Win32 Executable (38.5%)
Win32 EXE Yoda's Crypter (33.4%)
Win32 Executable Generic (10.7%)
Win32 Dynamic Link Library (generic) (9.5%)
Win16/32 Executable Delphi generic (2.6%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0xa6ff0
timedatestamp.....: 0x49c2133f (Thu Mar 19 09:41:19 2009)
machinetype.......: 0x14c (I386)
-
File casino.php received on 2009.08.09 18:54:41 (UTC)
Current status: finished
Result: 8/41 (19.52%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.126261[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.126261[/B]
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.Script.Crypted[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4319 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 29885 bytes
MD5...: 50283ac504205087e663d6024cda6df4
SHA1..: da8c3e7722d12978779954a9dc107acc2751e1be
SHA256: caa5980b1e0640cad0fc57774bee4501b5116a6a01bfb5abb0318603a658a9fa
ssdeep: 384:rmHZmKqnZYHbajzX1iJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoiHr
HrHS:+v70MJwNJwNJwNJwNJwNJwNJwNJww
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File 1.html received on 2009.08.09 18:59:28 (UTC)
Current status: finished
Result: 1/41 (2.44%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 -
AVG 8.5.0.406 2009.08.09 -
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 -
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.LooksLike.JS.Suspicious.A[/B]
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 1942 bytes
MD5...: 4e0e2219f32f202d4f6f1eb8a4ce9b11
SHA1..: 4a12305f5f3ac3545e771a03b64682386878e90f
SHA256: 31b32a91999b9b837711901630aa07a8a0214bd592b17f5f46d0e777bc30962c
ssdeep: 48:RHYFyTFqohgiesr1uJpFyTFqohgiesr1uJ6:ZeycohgieYeycohgieYj
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File conf.php received on 2009.08.09 18:59:40 (UTC)
Current status: finished
Result: 5/39 (12.83%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 HTML:IFrame-EZ[/B]
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 17836 bytes
MD5...: 9f614e7433e13297008c37ec09051f62
SHA1..: 315631097c8fbe500da2eebee546fec7c6686ca0
SHA256: df9bb5cd00f2de548d416ac68ee750a73d9d8ba0a00b00f34b9b053d5d132d54
ssdeep: 384:+xocf8yfDj4J5KvCns1PLjMmySKHrHrHrHG/9:96EMKRmySb
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File curl.php received on 2009.08.09 18:59:49 (UTC)
Current status: finished
Result: 8/39 (20.52%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.126261[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.126261[/B]
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 21797 bytes
MD5...: 9c1b1a22c8a692448359d1aff61bd266
SHA1..: 4b30f35ae51ea02901f060a585a09344d952a550
SHA256: 4cfcf9b7a1e4be09d92456401219dbd4a20f941bab84a4a6da3c2673d6148bd6
ssdeep: 384:UV0+s0POFmg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJwxoiHrHrHrHG/9:U
a+XPVgelUrjQJwNJwNJwNJwNJwNJww
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File ftp_check.php received on 2009.08.09 18:59:59 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 HTML:IFrame-EZ[/B]
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 28016 bytes
MD5...: 9eeda8948b52b6e48d8610ac41736d54
SHA1..: 12c1d0a3a4bb06153addc3012c807a5c9d71cba4
SHA256: 6d4f7ea888ddde90627fe9f0f44ccaf3464918dfd732d8acdd19bfa91ad442a5
ssdeep: 768:96EM/MTXkafbXBKVB5Vws628VvxTFTeGP:ZGa7oVCs8Vv9YGP
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File googleanalyticsru.html received on 2009.08.09 19:00:02 (UTC)
Current status: finished
Result: 9/41 (21.96%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-FX[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.126261[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.126261[/B]
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
[B]Sophos 4.44.0 2009.08.09 Troj/Iframe-CF[/B]
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 22133 bytes
MD5...: 3ebbac23c4b0d221a24375cd06f198c9
SHA1..: eaf7dfb84f3b9aecb44f74dd2c9a1756c8498d7c
SHA256: 25af917f917e2e2dcfc804c4eb66df727a59fade299005a2d0aea903e33ac165
ssdeep: 384:MAFVrJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoiHrHrHrHG/9:MA3J
wNJwNJwNJwNJwNJwNJwNJww
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File hifili2.php received on 2009.08.09 19:00:07 (UTC)
Current status: finished
Result: 12/41 (29.27%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.09 Backdoor.PHP.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.126261[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
[B]F-Secure 8.0.14470.0 2009.08.09 Backdoor.PHP.Agent.cz[/B]
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.126261[/B]
[B]Ikarus T3.1.1.64.0 2009.08.09 Backdoor.PHP.Agent[/B]
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
[B]Kaspersky 7.0.0.125 2009.08.09 Backdoor.PHP.Agent.cz[/B]
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 23714 bytes
MD5...: 5f3fed663b64b6e091531346bb2a7288
SHA1..: fd83a01ae3cb58aa641ac19d58a4aea35d58a9bf
SHA256: 30ab1d0506dd8709cc9e396f1f9eb8fe8a93e637a1d275b46e07340fe7c473f4
ssdeep: 384:PSiO/Orp8oAzMmuOizOFmg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJ
wxoo:PSiO/Orp8oAzMmuOiz/gelUrjQJwNJwc
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File htaccess.php received on 2009.08.09 19:00:12 (UTC)
Current status: finished
Result: 1/41 (2.44%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
AntiVir 7.9.0.248 2009.08.09 -
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.08 -
[B]AVG 8.5.0.406 2009.08.09 PHP/BackDoor.AB[/B]
BitDefender 7.2 2009.08.09 -
CAT-QuickHeal 10.00 2009.08.08 -
ClamAV 0.94.1 2009.08.07 -
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
GData 19 2009.08.09 -
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
McAfee-GW-Edition 6.8.5 2009.08.09 -
Microsoft 1.4903 2009.08.09 -
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 83140 bytes
MD5...: 09ce93f06e2733c1d842f8a7c67c0d55
SHA1..: f3513a7fa2da02733f59898dd4e0795b3e477c9c
SHA256: dd7c327feab97b169c10179e24de0990264bc3755e9aad55052c4546b1c2d376
ssdeep: 1536:jQfl4ORQGmsPzCjvw9J6Ux+0PA6r4TRDVlpu9:jQfKWFmO+UxntEFBvu9
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File rinder1.php received on 2009.08.09 19:00:15 (UTC)
Current status: finished
Result: 12/41 (29.27%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.09 Backdoor.PHP.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.126261[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
[B]F-Secure 8.0.14470.0 2009.08.09 Backdoor.PHP.Agent.cz[/B]
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.126261[/B]
[B]Ikarus T3.1.1.64.0 2009.08.09 Backdoor.PHP.Agent[/B]
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
[B]Kaspersky 7.0.0.125 2009.08.09 Backdoor.PHP.Agent.cz[/B]
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 23714 bytes
MD5...: 4a7e5314dbcee1200cf71c07292ab9a3
SHA1..: a5e2361fa137dcb495e1ceb8e86ba7c6dd497f51
SHA256: 4ee1c83d4a0487a71ecf1b18d9d3840a8292fcc9ee96b2d81b94d38e302cbb4c
ssdeep: 384:sSiO/Orp8oAzMRuOizOFAg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJ
wxoo:sSiO/Orp8oAzMRuOizNgelUrjQJwNJwc
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File under.html received on 2009.08.09 19:00:19 (UTC)
Current status: finished
Result: 8/41 (19.52%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.174722[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eSafe 7.0.17.0 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.174722[/B]
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.Script.Crypted[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -
[/QUOTE]
Additional information
File size: 16462 bytes
MD5...: f18c2899ef00796700c25ff3b6f64edd
SHA1..: bf4e0d7fa04501cba06875d669c24a783abc48ea
SHA256: 6bf30cb1259cd717bf24d08547c1f57a9073450462bbc5c6a1511359f7558e65
ssdeep: 192:ND4eCWIv1sNl5NwkpRigrjAsKQR9wQR9MU2AJPd8N1kUu8N1kUpIieYj:Nce
CWIdsNl5ukD923AJFHrHG9
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File xxx.php received on 2009.08.09 19:00:22 (UTC)
Current status: finished
Result: 9/40 (22.5%)
[QUOTE]a-squared 4.5.0.24 2009.08.09 -
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.126261[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.09 -
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.126261[/B]
Ikarus T3.1.1.64.0 2009.08.09 -
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
Kaspersky 7.0.0.125 2009.08.09 -
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
[B]Sophos 4.44.0 2009.08.09 Troj/Iframe-CF[/B]
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -
[/QUOTE]
Additional information
File size: 18745 bytes
MD5...: 8116498557c4fcbee23caf7a3ffecd2f
SHA1..: b20d6a102780bccfb73e6b9967aa88412fd53b18
SHA256: cf3eda1e00e4eba9145c3171c4cd290a19c859cbb771cd38e8e2e57b8bd99dfa
ssdeep: 384:TsJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJwxoiHrHrHrHG/9:TsJwNJwNJwNJ
wNJwNJwNJww
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File zenis2e.php received on 2009.08.09 19:00:25 (UTC)
Current status: finished
Result: 12/40 (30%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.09 Backdoor.PHP.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.08 -
[B]AntiVir 7.9.0.248 2009.08.09 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.07 -
Authentium 5.1.2.4 2009.08.09 -
[B]Avast 4.8.1335.0 2009.08.08 HTML:IFrame-EZ[/B]
[B]AVG 8.5.0.406 2009.08.09 HTML/Framer.CB[/B]
[B]BitDefender 7.2 2009.08.09 Trojan.Script.126261[/B]
CAT-QuickHeal 10.00 2009.08.08 -
[B]ClamAV 0.94.1 2009.08.07 Trojan.JS-19[/B]
Comodo 1923 2009.08.09 -
DrWeb 5.0.0.12182 2009.08.09 -
eTrust-Vet 31.6.6667 2009.08.08 -
F-Prot 4.4.4.56 2009.08.09 -
[B]F-Secure 8.0.14470.0 2009.08.09 Backdoor.PHP.Agent.cz[/B]
Fortinet 3.120.0.0 2009.08.09 -
[B]GData 19 2009.08.09 Trojan.Script.126261[/B]
[B]Ikarus T3.1.1.64.0 2009.08.09 Backdoor.PHP.Agent[/B]
Jiangmin 11.0.800 2009.08.09 -
K7AntiVirus 7.10.814 2009.08.08 -
[B]Kaspersky 7.0.0.125 2009.08.09 Backdoor.PHP.Agent.cz[/B]
McAfee 5704 2009.08.09 -
McAfee+Artemis 5704 2009.08.09 -
[B]McAfee-GW-Edition 6.8.5 2009.08.09 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
[B]Microsoft 1.4903 2009.08.09 Trojan:JS/Iframeinject.D[/B]
NOD32 4320 2009.08.09 -
Norman 6.01.09 2009.08.07 -
nProtect 2009.1.8.0 2009.08.09 -
Panda 10.0.0.14 2009.08.09 -
PCTools 4.4.2.0 2009.08.09 -
Prevx 3.0 2009.08.09 -
Rising 21.41.62.00 2009.08.09 -
Sophos 4.44.0 2009.08.09 -
Sunbelt 3.2.1858.2 2009.08.09 -
Symantec 1.4.4.12 2009.08.09 -
TheHacker 6.3.4.3.378 2009.08.08 -
TrendMicro 8.950.0.1094 2009.08.08 -
VBA32 3.12.10.9 2009.08.09 -
ViRobot 2009.8.8.1875 2009.08.08 -
VirusBuster 4.6.5.0 2009.08.09 -[/QUOTE]
Additional information
File size: 23714 bytes
MD5...: dcc13ba35e4ec2161d588a8dead05311
SHA1..: 179d0a5cc95104d6754f380cfc4a244b2dcde23b
SHA256: 77884187d53097f0e5c726dbb191aa3f9b92faf3b512d4213deadbf199f06552
ssdeep: 384:SSiO/Orp8oAzMeuOizOFRg2jlUrjQJwxoYJwxoYJwxoYJwxoYJwxoYJwxoYJ
wxoo:SSiO/Orp8oAzMeuOizUgelUrjQJwNJwc
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
-
This is not a false positive
File boxedrecipes received on 2009.08.10 19:34:23 (UTC)
Current status: finished
Result: 2/41 (4.88%)
[QUOTE]a-squared 4.5.0.24 2009.08.10 -
AhnLab-V3 5.0.0.2 2009.08.10 -
[B]AntiVir 7.9.0.248 2009.08.10 HEUR/HTML.Malware[/B]
Antiy-AVL 2.0.3.7 2009.08.10 -
Authentium 5.1.2.4 2009.08.09 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.10 -
BitDefender 7.2 2009.08.10 -
CAT-QuickHeal 10.00 2009.08.10 -
ClamAV 0.94.1 2009.08.10 -
Comodo 1935 2009.08.10 -
DrWeb 5.0.0.12182 2009.08.10 -
eSafe 7.0.17.0 2009.08.10 -
eTrust-Vet 31.6.6670 2009.08.10 -
F-Prot 4.4.4.56 2009.08.09 -
F-Secure 8.0.14470.0 2009.08.10 -
Fortinet 3.120.0.0 2009.08.10 -
GData 19 2009.08.10 -
Ikarus T3.1.1.64.0 2009.08.10 -
Jiangmin 11.0.800 2009.08.10 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.10 -
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 -
[B]McAfee-GW-Edition 6.8.5 2009.08.10 Heuristic.HTML.Malware[/B]
Microsoft 1.4903 2009.08.10 -
NOD32 4323 2009.08.10 -
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.10 -
Panda 10.0.0.14 2009.08.10 -
PCTools 4.4.2.0 2009.08.10 -
Prevx 3.0 2009.08.10 -
Rising 21.42.04.00 2009.08.10 -
Sophos 4.44.0 2009.08.10 -
Sunbelt 3.2.1858.2 2009.08.10 -
Symantec 1.4.4.12 2009.08.10 -
TheHacker 6.3.4.3.379 2009.08.10 -
TrendMicro 8.950.0.1094 2009.08.10 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.10.1877 2009.08.10 -
VirusBuster 4.6.5.0 2009.08.10 -[/QUOTE]
Additional information
File size: 9527 bytes
MD5...: f956120e95bf42c42b30ff52ef82def9
SHA1..: 69f7ee5e68d74cb87a4e32dd0aabec25f228b9a4
SHA256: 203296b914bbe04ccf39084daae0d6e6e44722639e942f4521bff73dccd5cf4c
ssdeep: 192:iLzV3Jpi3dSN01S0KdLnz0h5E15+fO/C+iRC+JdS1xGy2:iN3XiNonz9KfOK
9EodS1UV
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
-
File VK.rar received on 2009.08.10 21:04:35 (UTC)
Current status: finished
Result: 13/40 (32.5%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.10 Trojan.BAT.Agent!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.10 -
AntiVir 7.9.0.248 2009.08.10 -
Antiy-AVL 2.0.3.7 2009.08.10 -
Authentium 5.1.2.4 2009.08.10 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.10 -
BitDefender 7.2 2009.08.10 -
CAT-QuickHeal 10.00 2009.08.10 -
ClamAV 0.94.1 2009.08.10 -
Comodo 1936 2009.08.10 -
[B]DrWeb 5.0.0.12182 2009.08.10 Trojan.Hosts.52[/B]
eTrust-Vet 31.6.6670 2009.08.10 -
F-Prot 4.4.4.56 2009.08.10 -
[B]F-Secure 8.0.14470.0 2009.08.10 Trojan.BAT.Qhost.eu[/B]
Fortinet 3.120.0.0 2009.08.10 -
GData 19 2009.08.10 -
[B]Ikarus T3.1.1.64.0 2009.08.10 Trojan.BAT.Agent[/B]
Jiangmin 11.0.800 2009.08.10 -
K7AntiVirus 7.10.815 2009.08.10 -
[B]Kaspersky 7.0.0.125 2009.08.10 Trojan.BAT.Qhost.eu[/B]
McAfee 5705 2009.08.10 -
[B]McAfee+Artemis 5705 2009.08.10 Artemis!FBB7DC2128C3
McAfee-GW-Edition 6.8.5 2009.08.10 Heuristic.BehavesLike.Win32.ModifiedUPX.B!88
Microsoft 1.4903 2009.08.10 Trojan:Win32/Qhost.AY[/B]
NOD32 4323 2009.08.10 -
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.10 -
[B]Panda 10.0.0.14 2009.08.10 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.10 -
Prevx 3.0 2009.08.10 -
[B]Rising 21.42.04.00 2009.08.10 Dropper.Win32.Agent.zrh
Sophos 4.44.0 2009.08.10 Sus/Dropper-A[/B]
Sunbelt 3.2.1858.2 2009.08.10 -
Symantec 1.4.4.12 2009.08.10 -
TheHacker 6.3.4.3.379 2009.08.10 -
[B]TrendMicro 8.950.0.1094 2009.08.10 PAK_Generic.001
VBA32 3.12.10.9 2009.08.10 Trojan-Dropper.Win32.B2E[/B]
ViRobot 2009.8.10.1877 2009.08.10 -
VirusBuster 4.6.5.0 2009.08.10 -[/QUOTE]
Additional information
File size: 17114 bytes
MD5...: a5ac97253bab1e3986992b68ade2d3bd
SHA1..: f670f88a6f47259145db659d8cc16dfeeedaebb0
SHA256: b45f71cd1ffa30bf4a7947433121cc2bfdcc54ee717aa0dfb685910423ba2ac4
ssdeep: 384:E0GzagWk8MiWhCiIi5C8zdoiStaHdgvLRZotKyxs4JizlUPJoG0sz:E0DgWk
8Mv8ydoil9gv9oKyHxxoFsz
PEiD..: -
TrID..: File type identification
RAR Archive (83.3%)
REALbasic Project (16.6%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): UPX
packers (F-Prot): embedded, UPX_LZMA
[url]http://www.virustotal.com/ru/analisis/b45f71cd1ffa30bf4a7947433121cc2bfdcc54ee717aa0dfb685910423ba2ac4-1249938275[/url]
-
Another pando
File sdra64.exe received on 2009.08.11 06:08:31 (UTC)
[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.11 -
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.0.248 2009.08.10 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
[B]AVG 8.5.0.406 2009.08.10 FakeAlert.LW[/B]
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.10 -
Comodo 1938 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.10 -
eTrust-Vet 31.6.6670 2009.08.10 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.10 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 -
Ikarus T3.1.1.64.0 2009.08.11 -
Jiangmin 11.0.800 2009.08.10 -
K7AntiVirus 7.10.815 2009.08.10 -
[B]Kaspersky 7.0.0.125 2009.08.11 Trojan-Spy.Win32.Zbot.aacg[/B]
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 -
[B]McAfee-GW-Edition 6.8.5 2009.08.10 Trojan.Dropper.Gen
Microsoft 1.4903 2009.08.10 PWS:Win32/Zbot.PG[/B]
NOD32 4324 2009.08.11 -
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.10 -
PCTools 4.4.2.0 2009.08.10 -
Prevx 3.0 2009.08.11 -
[B]Rising 21.42.10.00 2009.08.11 Unknown Win32 Virus
Sophos 4.44.0 2009.08.11 Mal/BredoPk-B
Sunbelt 3.2.1858.2 2009.08.11 Trojan-Downloader.Win32.Bredolab.x (v)[/B]
Symantec 1.4.4.12 2009.08.11 -
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1878 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.10 -
Additional information
File size: 458752 bytes
MD5 : a0edc08552c1a53ac3d0932e102f80c4
SHA1 : 0b16a02f43a472cd2d547b548a94f9c4e8ef0ac9
SHA256: ec84d000e490df3301f07a0176b281e0878187a0748da47f037309d9980ff143
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x172D2
timedatestamp.....: 0x487D2B3C (Wed Jul 16 00:57:00 2008)
machinetype.......: 0x14C (Intel I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x19000 0x18E00 5.94 d2ddd11b5a13ce478a1a2e7843aac8f2
.rdata 0x1A000 0x1000 0xE00 4.90 0d4d1e52b63a4b3025bb8d424c87cdf2
.rsrc 0x1B000 0x1000 0x400 2.71 654901af9774ee40de8b8f213a508432
( 2 imports )
> kernel32.dll: VirtualProtect, GetVersionExA, GetModuleFileNameA, FreeLibrary, CreateThread, lstrcmpiW, DeleteCriticalSection, VirtualAlloc, InitializeCriticalSection, GetModuleHandleA, SetLastError, InterlockedExchange, InterlockedIncrement, CreateThread, QueryPerformanceCounter, LoadLibraryA, InitializeCriticalSection, CreateThread, VirtualProtect, DeleteCriticalSection, GetModuleFileNameA, InterlockedDecrement, VirtualProtect, Sleep, GetModuleHandleW, VirtualProtect, LoadLibraryW, CloseHandle, EnterCriticalSection, QueryPerformanceCounter, UnhandledExceptionFilter, GetCurrentThreadId, CreateThread, HeapFree, EnterCriticalSection, CreateFileW, HeapAlloc, CreateThread, MultiByteToWideChar, HeapAlloc, DeleteCriticalSection, GetLastError, GetCurrentThreadId, GetModuleHandleW, InterlockedIncrement, GetModuleHandleA, SetLastError, InterlockedExchange, UnhandledExceptionFilter, EnterCriticalSection, VirtualAlloc, VirtualProtect, GetTickCount, CreateEventW, HeapFree, lstrcmpiW, GetSystemTimeAsFileTime, SetLastError, GetSystemTimeAsFileTime, HeapFree, HeapFree, LoadLibraryA
> user32.dll: CreateWindowExW, SendDlgItemMessageW, PostQuitMessage, LoadCursorW, DispatchMessageW, wsprintfA, EndDialog, SendDlgItemMessageW, ShowWindow, LoadIconW, GetWindowLongW, GetWindowLongW, GetClientRect, BeginPaint, LoadStringW, SetWindowLongW, LoadStringW, ReleaseDC, PostMessageW, IsWindow, EndPaint, SetTimer, CreateWindowExW, SetForegroundWindow, SendMessageW, SetWindowTextW, wsprintfA, LoadIconW, CreateWindowExW, SetWindowLongW, LoadIconW, GetFocus, LoadCursorW, ShowWindow, SetWindowPos, SetForegroundWindow, EndPaint, DispatchMessageW, GetParent, LoadStringW, DispatchMessageW, LoadCursorW, SendMessageW, EnableWindow, SetCursor, SetWindowPos, GetDesktopWindow, GetWindowLongW, SetWindowTextW, InvalidateRect, GetFocus, CharNextW, CreateWindowExW, DefWindowProcW, CharNextW, GetSysColor, GetFocus, DefWindowProcW, GetDC, SendDlgItemMessageW, CharNextW, CreateWindowExW, GetSystemMetrics, SendDlgItemMessageW, MessageBoxW, DestroyWindow, PostMessageW, TranslateMessage, SetForegroundWindow, PeekMessageW
( 0 exports )
TrID : File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
ssdeep: 6144:HQUUvgSyiklE7v0jOyRhr9+r2Q+cfwWGb8ByDQ7NsOdPNleJd:HEEiT0jOyRhZmTlUDANsnJd
PEiD : -
RDS : NSRL Reference Data Set
-
[/CODE]
-
All of this was in my village council :O And it all stayed there :D
File avz00001.dta received on 2009.08.11 12:07:41 (UTC)
Current status: finished
Result: 14/41 (34.15%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.11 -
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.0.248 2009.08.11 TR/Dropper.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
[B]BitDefender 7.2 2009.08.11 Trojan.FakeAv.OT[/B]
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
[B]Comodo 1941 2009.08.11 TrojWare.Win32.FraudTool.Agent.~IPX[/B]
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.10 -
[B]eTrust-Vet 31.6.6672 2009.08.11 Win32/SystemSecurity!generic[/B]
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
[B]GData 19 2009.08.11 Trojan.FakeAv.OT[/B]
Ikarus T3.1.1.64.0 2009.08.11 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.11 -
[B]McAfee 5705 2009.08.10 FakeAlert-CO
McAfee+Artemis 5705 2009.08.10 FakeAlert-CO
McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.LooksLike.Trojan.Dropper.J
Microsoft 1.4903 2009.08.11 Trojan:Win32/Winwebsec[/B]
NOD32 4325 2009.08.11 -
[B]Norman 6.01.09 2009.08.10 W32/FakeAV.E!genr[/B]
nProtect 2009.1.8.0 2009.08.11 -
Panda 10.0.0.14 2009.08.10 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
[B]Rising 21.42.13.00 2009.08.11 Unknown Win32 Virus
Sophos 4.44.0 2009.08.11 Mal/FakeAV-AD
Sunbelt 3.2.1858.2 2009.08.11 FraudTool.Win32.RogueSecurity (v)
Symantec 1.4.4.12 2009.08.11 Trojan.Fakeavalert[/B]
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.10 -[/QUOTE]
Additional information
File size: 708666 bytes
MD5...: e29f12b00cb94f48a507a8f41ee20391
SHA1..: cdcfb115b7dfb354368bb4e3948c9823ded07298
SHA256: f960a5f8b86fd357e0a44ae685bae08ae9d3ebd8a3f9bec5604fcc81a7d3f146
ssdeep: 12288:shmExIsZ79wE7PUo/uP+isheAbp0S1e7ACuQH6ZbESJU98v7:NE2qSuplp
0S1et3GbzCw7
PEiD..: Armadillo v1.71
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/f960a5f8b86fd357e0a44ae685bae08ae9d3ebd8a3f9bec5604fcc81a7d3f146-1249992461[/url]
File avz00002.dta received on 2009.08.11 12:07:33 (UTC)
Current status: finished
Result: 23/41 (56.1%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.11 Gen.Win32!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.0.248 2009.08.11 TR/Crypt.ZPACK.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
[B]Avast 4.8.1335.0 2009.08.10 Win32:Sality
AVG 8.5.0.406 2009.08.11 Win32/Heur
BitDefender 7.2 2009.08.11 Gen:Win32.Sality.Dam
CAT-QuickHeal 10.00 2009.08.11 W32.Sality.R[/B]
ClamAV 0.94.1 2009.08.11 -
Comodo 1941 2009.08.11 -
[B]DrWeb 5.0.0.12182 2009.08.11 modification of Win32.Sector.5
eSafe 7.0.17.0 2009.08.10 Suspicious File
eTrust-Vet 31.6.6672 2009.08.11 Win32/Sality.AA[/B]
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
[B]Fortinet 3.120.0.0 2009.08.11 W32/Sality.AA
GData 19 2009.08.11 Gen:Win32.Sality.Dam
Ikarus T3.1.1.64.0 2009.08.11 Gen.Win32[/B]
Jiangmin 11.0.800 2009.08.11 -
[B]K7AntiVirus 7.10.815 2009.08.10 Virus.Win32.Sality.AA[/B]
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 -
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Trojan.Crypt.ZPACK.Gen
Microsoft 1.4903 2009.08.11 Virus:Win32/Sality.gen
NOD32 4325 2009.08.11 a variant of Win32/Sality[/B]
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.11 -
[B]Panda 10.0.0.14 2009.08.10 W32/Sality.AK[/B]
PCTools 4.4.2.0 2009.08.11 -
[B]Prevx 3.0 2009.08.11 Medium Risk Malware
Rising 21.42.13.00 2009.08.11 Win32.KUKU.GEN
Sophos 4.44.0 2009.08.11 W32/Sality-AM[/B]
Sunbelt 3.2.1858.2 2009.08.11 -
Symantec 1.4.4.12 2009.08.11 -
TheHacker 6.3.4.3.380 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.11 Mal_Sality[/B]
VBA32 3.12.10.9 2009.08.10 -
[B]ViRobot 2009.8.11.1879 2009.08.11 Win32.Sality.K
VirusBuster 4.6.5.0 2009.08.10 Win32.Sality.AO.Gen[/B][/QUOTE]
Additional information
File size: 110592 bytes
MD5...: 9c90148ade85235638250dbc2b94fa82
SHA1..: 56de25ebaab6d07dcffb56d77ea0b8e91f5396d2
SHA256: 9bd75793523ce079eeb854306c1689d4729ebb467b5f369f805828848a07315b
ssdeep: 3072:YrIz4tSbwoF1j5xC8CDz+DLM4zSxcnJiHdwCt0v2F1mtZW:YrQwo1khDCDL
M4zfnU2M0eCrW
PEiD..: -
TrID..: File type identification
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/9bd75793523ce079eeb854306c1689d4729ebb467b5f369f805828848a07315b-1249992453[/url]
File avz.exe received on 2009.08.11 12:07:40 (UTC)
Current status: finished
Result: 17/41 (41.47%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.11 Virus.Win32.Virut!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.0.248 2009.08.11 W32/Virut.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
[B]Avast 4.8.1335.0 2009.08.10 Win32:Vitro
AVG 8.5.0.406 2009.08.11 Win32/Virut[/B]
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1941 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
[B]eSafe 7.0.17.0 2009.08.10 Suspicious File[/B]
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
[B]GData 19 2009.08.11 Win32:Vitro
Ikarus T3.1.1.64.0 2009.08.11 Virus.Win32.Virut[/B]
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.11 -
[B]McAfee 5705 2009.08.10 New Malware.bj
McAfee+Artemis 5705 2009.08.10 New Malware.bj
McAfee-GW-Edition 6.8.5 2009.08.11 Win32.Virut.Gen[/B]
Microsoft 1.4903 2009.08.11 -
[B]NOD32 4325 2009.08.11 Win32/Virut.NBP[/B]
Norman 6.01.09 2009.08.10 -
nProtect 2009.1.8.0 2009.08.11 -
[B]Panda 10.0.0.14 2009.08.10 W32/Sality.AO[/B]
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.11 -
Rising 21.42.13.00 2009.08.11 -
[B]Sophos 4.44.0 2009.08.11 Mal/HckPk-A
Sunbelt 3.2.1858.2 2009.08.11 Virus.Win32.Virut.ce (v)
Symantec 1.4.4.12 2009.08.11 W32.Virut.CF[/B]
TheHacker 6.3.4.3.380 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.11 PE_VIRUX.F[/B]
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
[B]VirusBuster 4.6.5.0 2009.08.10 Win32.Virut.Y.Gen[/B][/QUOTE]
Additional information
File size: 756736 bytes
MD5...: ac841553c785139c05f0c9729d1083e1
SHA1..: f83688de87f96ae4f243a64a238bf8e19b4cad3d
SHA256: 0030935072726e61d403a4d71c2da3e1400bd73691c267544d67ebcfdca23e31
ssdeep: 12288:SiOpgP8Dom/fzLqUP9XoW7VypyI6L9QQp+nE16ZQmReJ7LBiXW9fB5N:SP
pg0ksfN9XH7kpQpMA6ZteJRio5N
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/0030935072726e61d403a4d71c2da3e1400bd73691c267544d67ebcfdca23e31-1249992460[/url]
File avz00012.dta received on 2009.08.11 12:12:37 (UTC)
Current status: finished
Result: 8/41 (19.52%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.11 Trojan.Win32.Smardf!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.0.248 2009.08.11 DR/Delphi.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.11 -
Avast 4.8.1335.0 2009.08.10 -
AVG 8.5.0.406 2009.08.11 -
BitDefender 7.2 2009.08.11 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.11 -
Comodo 1941 2009.08.11 -
DrWeb 5.0.0.12182 2009.08.11 -
eSafe 7.0.17.0 2009.08.10 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.10 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.11 -
GData 19 2009.08.11 -
[B]Ikarus T3.1.1.64.0 2009.08.11 Trojan.Win32.Smardf[/B]
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.815 2009.08.10 -
Kaspersky 7.0.0.125 2009.08.11 -
McAfee 5705 2009.08.10 -
McAfee+Artemis 5705 2009.08.10 -
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.BehavesLike.Win32.Dropper.B[/B]
[B]Microsoft 1.4903 2009.08.11 Trojan:Win32/Delf.gen!C[/B]
NOD32 4325 2009.08.11 -
Norman 6.01.09 2009.08.10 -
[B]nProtect 2009.1.8.0 2009.08.11 Trojan/W32.Smardf.124416.D[/B]
Panda 10.0.0.14 2009.08.10 -
PCTools 4.4.2.0 2009.08.11 -
[B]Prevx 3.0 2009.08.11 High Risk Fraudulent Security Program[/B]
Rising 21.42.13.00 2009.08.11 -
Sophos 4.44.0 2009.08.11 -
Sunbelt 3.2.1858.2 2009.08.11 -
[B]Symantec 1.4.4.12 2009.08.11 Downloader[/B]
TheHacker 6.3.4.3.380 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.10 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.10 -[/QUOTE]
Additional information
File size: 124416 bytes
MD5...: 33508d9ebc8cf3c04dc2b310027f28a5
SHA1..: 6416dfb7bdf8588b2f3b1c58be098b345cc7a048
SHA256: faf58e0a62a38e9f2cd77811d9a5806fd2e69099f38bca8b6ff137c660144530
ssdeep: 1536:wIq+E53FXSNRPV+w8hcqLNhrgIvNSFC/6MIvcg9BkQmwTvaDTfNWtHiG7E9
6RXUg:PaFCNRPV+wycOSFNmwTvaDUHFELS9xcC
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/faf58e0a62a38e9f2cd77811d9a5806fd2e69099f38bca8b6ff137c660144530-1249992757[/url]
-
File ey.js received on 2009.08.12 02:51:17 (UTC)
Current status: finished
Result: 13/41 (31.71%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
[B]Avast 4.8.1335.0 2009.08.11 JS:Redirector-H7[/B]
AVG 8.5.0.406 2009.08.12 -
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
[B]F-Secure 8.0.14470.0 2009.08.11 Trojan-Downloader.JS.Gumblar.a[/B]
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 JS:Redirector-H7[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
[B]Kaspersky 7.0.0.125 2009.08.12 Trojan-Downloader.JS.Gumblar.a[/B]
[B]McAfee 5706 2009.08.11 Obfuscated Script.f.gen.a[/B]
[B]McAfee+Artemis 5706 2009.08.11 Obfuscated Script.f.gen.a[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.Script.Crypted[/B]
[B]Microsoft 1.4903 2009.08.11 Trojan:JS/Gamburl.gen!A[/B]
[B]NOD32 4327 2009.08.11 JS/TrojanDownloader.Agent.NQB.gen[/B]
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
[B]Panda 10.0.0.14 2009.08.11 JS/Gumbler.A[/B]
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
[B]Sophos 4.44.0 2009.08.12 Troj/JSRedir-R[/B]
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
[B]VirusBuster 4.6.5.0 2009.08.11 JS.Crypt.BQK[/B]
[/QUOTE]
Additional information
File size: 2766 bytes
MD5...: d963565b1dbb10b354a309df74603292
SHA1..: 449a8352f21257d8cefec9f974a7dd10fa2c94b4
SHA256: fc53ffb981ce44a55a08dd6c7b5d5ac996335dc0a5bca6fb521517f4e2653a5d
ssdeep: 48:qHfHB0VrKxHhSWHzbHNjRHg9BHJhPHIHlHGHwT5s68/rW4lkal:8vB0EBhSAz
jNjhg9xJh/6dQw9s68/HCy
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File glupoe.htm received on 2009.08.12 02:51:29 (UTC)
Current status: finished
Result: 11/41 (26.83%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
[B]Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG[/B]
[B]AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent[/B]
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 HTML:IFrame-FG[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
[B]McAfee 5706 2009.08.11 JS/Downloader.gen[/B]
[B]McAfee+Artemis 5706 2009.08.11 JS/Downloader.gen[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.ZKit.gen[/B]
[B]Microsoft 1.4903 2009.08.11 TrojanDownloader:JS/Psyme.gen[/B]
[B]NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen[/B]
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
[B]Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB[/B]
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2[/B]
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -[/QUOTE]
Additional information
File size: 979 bytes
MD5...: 808d85bc894ccb50e10139649d2a7151
SHA1..: c1c43e0ebcd5a4fb0b23ffb9ea96c5471fb40742
SHA256: 6d14ca48ff0b9ca3da13832c1102f11341fbb18f32ec34c7afe5c1876e399738
ssdeep: 12:COeqJmrL9vBCYJU4X9qPf9QBLEHL+REkPwIHMU80Wk5XWvrRH8SojLZVIcsvg
b:CmC9vBF1X9of9oLN520Wk5cenP8Yb
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File gmail.htm received on 2009.08.12 02:51:33 (UTC)
Current status: finished
Result: 3/41 (7.32%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 -
AVG 8.5.0.406 2009.08.12 -
[B]BitDefender 7.2 2009.08.12 Trojan.Script.10715[/B]
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 Trojan.Script.10715[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.BehavesLike.JS.CodeUnfolding.A[/B]
Microsoft 1.4903 2009.08.11 -
NOD32 4327 2009.08.11 -
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -[/QUOTE]
Additional information
File size: 5110 bytes
MD5...: 752f9cd890981a8d92e4c019bd6246c0
SHA1..: f114c9c85141d830a96bdaf057acfa4058df3e32
SHA256: bf3a1392053c57b41d87d5f077fff883b5dc485d312d5743f4ba32e0d0fe1f12
ssdeep: 96:VJzGJRYHX6SKwbZF11xZbOZwMDKPWUfKyAKjZpaVkOUPBfKyAKjZpaVYScF8:
VZSYHX6SKOjOSWVGjZpuU8GjZpacF8
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File pechal-naya.htm received on 2009.08.12 02:52:37 (UTC)
Current status: finished
Result: 10/41 (24.4%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
[B]Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG[/B]
[B]AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent[/B]
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 HTML:IFrame-FG[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
[B]McAfee 5706 2009.08.11 Exploit-IFrame[/B]
[B]McAfee+Artemis 5706 2009.08.11 Exploit-IFrame[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.Script.Crypted[/B]
Microsoft 1.4903 2009.08.11 -
[B]NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen[/B]
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
[B]Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB[/B]
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2[/B]
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -[/QUOTE]
Additional information
File size: 1581 bytes
MD5...: afa0df5f240682c62f54c84fe6323754
SHA1..: 08b2b4957d5d7cf9c5aa40d7a059a1d2325a7cf9
SHA256: 117f3cf08a6c4a632fb6b27e4ff4aca92f29bfeb33569cdca90e7fd4395e137f
ssdeep: 24:CNRRdnEtLyGVyNERRFNVRRPRRCN3RRPVB0i4YnjN3wd6CC8R90Wk5cenFE8Yb
:glRGVcEXVbM3fV3CT90Wk5cenFs
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File TSepey.htm received on 2009.08.12 02:53:14 (UTC)
Current status: finished
Result: 14/41 (34.15%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
[B]Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG[/B]
[B]AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent[/B]
[B]BitDefender 7.2 2009.08.12 Trojan.IFrame.DD[/B]
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
[B]F-Secure 8.0.14470.0 2009.08.11 Trojan-Downloader.JS.Iframe.as[/B]
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 Trojan.IFrame.DD[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
[B]Kaspersky 7.0.0.125 2009.08.12 Trojan-Downloader.JS.Iframe.as[/B]
[B]McAfee 5706 2009.08.11 JS/Downloader.gen[/B]
[B]McAfee+Artemis 5706 2009.08.11 JS/Downloader.gen[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.ZKit.gen[/B]
[B]Microsoft 1.4903 2009.08.11 TrojanDownloader:JS/Psyme.gen[/B]
[B]NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen[/B]
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
[B]Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB[/B]
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2[/B]
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -[/QUOTE]
Additional information
File size: 819 bytes
MD5...: 4ff723787eec5a99c47891d480c4439c
SHA1..: 2c5742b1e6186333012c0b8a85446aee240ce18d
SHA256: 1e0c3fee9ea45036ace417b5922678e9999b145b1a0fdd4f53932734951281ed
ssdeep: 12:3wEJsXbotYoCpXm8BX4YmUSHWWYmHi7mM+JwmLdqIvmmewnpCXu080Wk5XWvr
RHS:niX0KX4x2M5p9eHXG0Wk5cenyYb
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File usage.php received on 2009.08.12 02:53:21 (UTC)
Current status: finished
Result: 3/40 (7.5%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
[B]Antiy-AVL 2.0.3.7 2009.08.11 Trojan/Linux.Prl[/B]
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 -
AVG 8.5.0.406 2009.08.12 -
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
[B]F-Secure 8.0.14470.0 2009.08.11 Trojan-Dropper.Linux.Prl.c[/B]
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 -
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
[B]Kaspersky 7.0.0.125 2009.08.12 Trojan-Dropper.Linux.Prl.c[/B]
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 -
Microsoft 1.4903 2009.08.11 -
NOD32 4327 2009.08.11 -
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.11 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -[/QUOTE]
Additional information
File size: 31634 bytes
MD5...: e0d4b54d790d14f82e9516860a1998bf
SHA1..: bc6557beff41f4f56008520a542aa4295ecf3a5f
SHA256: d082812e6c9ef66bd1bd9f7cf45483a9a990c5782bc96e5c0c0f6b373fbeb1bb
ssdeep: 768:TPUB30rcBMf5ko00FvLicmc5rCtBsDm8FUhcRleaC44otb:TUd0gGvFvLiC5
rCXsDmg1RleXTC
PEiD..: -
TrID..: File type identification
ELF Executable and Linkable format (generic) (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File vnyat.htm received on 2009.08.12 02:53:24 (UTC)
Current status: finished
Result: 13/41 (31.71%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.1.0 2009.08.11 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.11 -
Authentium 5.1.2.4 2009.08.12 -
[B]Avast 4.8.1335.0 2009.08.11 HTML:IFrame-FG[/B]
[B]AVG 8.5.0.406 2009.08.12 JS/Downloader.Agent[/B]
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.11 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
[B]F-Secure 8.0.14470.0 2009.08.11 Trojan-Clicker.HTML.IFrame.gv[/B]
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 HTML:IFrame-FG[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
[B]Kaspersky 7.0.0.125 2009.08.12 Trojan-Clicker.HTML.IFrame.gv[/B]
[B]McAfee 5706 2009.08.11 JS/Downloader.gen[/B]
[B]McAfee+Artemis 5706 2009.08.11 JS/Downloader.gen[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.BehavesLike.JS.InfectedPage.A[/B]
[B]Microsoft 1.4903 2009.08.11 TrojanDownloader:JS/Psyme.gen[/B]
[B]NOD32 4327 2009.08.11 HTML/TrojanClicker.Iframe.GT.gen[/B]
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.14.00 2009.08.11 -
[B]Sophos 4.44.0 2009.08.12 Mal/ObfJS-AB[/B]
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.11 Mal_Hifrm-2[/B]
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -[/QUOTE]
Additional information
File size: 2655 bytes
MD5...: c0834d65c23ca005ab9263d908dc4d6c
SHA1..: c74dce0106b6d40ab8256c85cfa35de6edb3be1e
SHA256: b7099557ba119e10338367a488a08c208693e44d400f66d5e60ce7ee2b217d26
ssdeep: 48:glRGVcEXVbM37lN33eWnnzp3+t+60Wk5ceneS:FcwWnzsmpneS
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[size="1"][color="#666686"][B][I]Added after 1 hour 18 minutes[/I][/B][/color][/size]
File install.exe received on 2009.08.12 04:20:48 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE]a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.12 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 -
[B]AVG 8.5.0.406 2009.08.12 Downloader.Generic8.BEKZ[/B]
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.12 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1949 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.11 -
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 -
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.11 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Heuristic.LooksLike.Win32.NewMalware.J[/B]
Microsoft 1.4903 2009.08.11 -
NOD32 4327 2009.08.11 -
[B]Norman 6.01.09 2009.08.11 W32/DLoader.SAUZ[/B]
nProtect 2009.1.8.0 2009.08.12 -
[B]Panda 10.0.0.14 2009.08.11 Trj/Downloader.WEX[/B]
PCTools 4.4.2.0 2009.08.11 -
[B]Prevx 3.0 2009.08.12 Medium Risk Malware[/B]
Rising 21.42.20.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.11.1879 2009.08.11 -
VirusBuster 4.6.5.0 2009.08.11 -[/QUOTE]
Additional information
File size: 534773 bytes
MD5...: 9ce4cc68d579428db7670ec9d69d780a
SHA1..: b19191c6e64fb599523014a50b18fc1adf668cc4
SHA256: c998f4989f9820415fdc77cfc82717d684d78d8f2c509d4678fbd5d6c9150f69
ssdeep: 12288:zeTfTY/bO18VVhckZzyDaI0J9fMAJsyIKBnNzlEXSst1:ArKOOV3ckZm+p
EAdIKBNzlsSw
PEiD..: BobSoft Mini Delphi -> BoB / BobSoft
TrID..: File type identification
Win32 Executable Generic (38.4%)
Win32 Dynamic Link Library (generic) (34.1%)
Win16/32 Executable Delphi generic (9.3%)
Generic Win/DOS Executable (9.0%)
DOS Executable Generic (9.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x6b834
timedatestamp.....: 0x4a5caa12 (Tue Jul 14 15:53:54 2009)
machinetype.......: 0x14c (I386)
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=24BD744BF588A8C2288B089279512700976D7FF5[/url]
-
File CORELDRW.EXE received on 2009.08.12 06:18:26 (UTC)
Current status: finished
Result: 24/41 (58.54%)
[quote]
Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.12 Virus.Win32.Virut!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.11 -
[B]AntiVir 7.9.1.0 2009.08.11 W32/Virut.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.12 -
[B]Authentium 5.1.2.4 2009.08.12 W32/Virut.AI!Generic[/B]
Avast 4.8.1335.0 2009.08.11 -
[B]AVG 8.5.0.406 2009.08.12 Win32/Virut[/B]
[B]BitDefender 7.2 2009.08.12 Win32.Virtob.Gen.12[/B]
[B]CAT-QuickHeal 10.00 2009.08.12 W32.Virut.G[/B]
ClamAV 0.94.1 2009.08.12 -
Comodo 1951 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
[B]F-Prot 4.4.4.56 2009.08.11 W32/Virut.AI!Generic[/B]
F-Secure 8.0.14470.0 2009.08.11 -
[B]Fortinet 3.120.0.0 2009.08.12 W32/Virut.CE[/B]
[B]GData 19 2009.08.12 Win32.Virtob.Gen.12[/B]
[B]Ikarus T3.1.1.64.0 2009.08.12 Virus.Win32.Virut[/B]
Jiangmin 11.0.800 2009.08.12 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
[B]McAfee 5706 2009.08.11 W32/Virut.n.gen[/B]
[B]McAfee+Artemis 5706 2009.08.11 W32/Virut.n.gen[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.11 Win32.Virut.Gen[/B]
[B]Microsoft 1.4903 2009.08.12 Virus:Win32/Virut.gen!O[/B]
NOD32 4327 2009.08.11 -
[B]Norman 6.01.09 2009.08.11 W32/Virut.CM[/B]
[B]nProtect 2009.1.8.0 2009.08.12 Virus/W32.Virut.F[/B]
[B]Panda 10.0.0.14 2009.08.11 W32/Sality.AO[/B]
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
[B]Rising 21.42.20.00 2009.08.12 Win32.Virut.bm[/B]
[B]Sophos 4.44.0 2009.08.12 W32/Scribble-B[/B]
[B]Sunbelt 3.2.1858.2 2009.08.12 Virus.Win32.Virut.ce (v)[/B]
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.12 PE_VIRUX.GEN-2[/B]
[B]VBA32 3.12.10.9 2009.08.12 Virus.Win32.Virut.X5[/B]
[B]ViRobot 2009.8.12.1880 2009.08.12 Win32.Virut.AL[/B]
[B]VirusBuster 4.6.5.0 2009.08.11 Win32.Virut.Y.Gen[/B]
[/quote]
Additional information
File size: 217088 bytes
MD5 : a15c187553cfe51c326d350690db2e04
SHA1 : a1c0255cc7f19e91d4ea68bf3d922a66616aec45
SHA256: 27174347e1fbca38576f979135cd18212767f7d2cce5aa988d38c368b4ae4c9d
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x534D
timedatestamp.....: 0x3FCED9B6 (Thu Dec 4 07:52:38 2003)
machinetype.......: 0x14C (Intel I386)
-
File new1.exe received on 2009.08.12 07:01:39 (UTC)
Result: 21/41 (51.22%)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.12 P2P-Worm.Win32.Palevo!IK
AhnLab-V3 5.0.0.2 2009.08.11 Win-Trojan/Buzus.37376.AD[/B]
AntiVir 7.9.1.0 2009.08.11 -
[B]Antiy-AVL 2.0.3.7 2009.08.12 Trojan/Win32.Buzus.gen
Authentium 5.1.2.4 2009.08.12 W32/Palevo.A.gen!Eldorado
Avast 4.8.1335.0 2009.08.11 Win32:Delf-MKW[/B]
AVG 8.5.0.406 2009.08.12 -
[B]BitDefender 7.2 2009.08.12 Backdoor.IRCBot.ACTN[/B]
CAT-QuickHeal 10.00 2009.08.12 -
ClamAV 0.94.1 2009.08.12 -
[B]Comodo 1951 2009.08.12 TrojWare.Win32.Trojan.Delf.~T
DrWeb 5.0.0.12182 2009.08.12 Trojan.Flood.22022
eSafe 7.0.17.0 2009.08.11 Win32.TrjBuzus.Ha[/B]
eTrust-Vet 31.6.6672 2009.08.11 -
[B]F-Prot 4.4.4.56 2009.08.11 W32/Palevo.A.gen!Eldorado[/B]
F-Secure 8.0.14470.0 2009.08.12 -
[B]Fortinet 3.120.0.0 2009.08.12 PossibleThreat
GData 19 2009.08.12 Backdoor.IRCBot.ACTN
Ikarus T3.1.1.64.0 2009.08.12 P2P-Worm.Win32.Palevo[/B]
Jiangmin 11.0.800 2009.08.12 -
[B]K7AntiVirus 7.10.816 2009.08.11 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
McAfee+Artemis 5706 2009.08.11 -
McAfee-GW-Edition 6.8.5 2009.08.11 -
[B]Microsoft 1.4903 2009.08.12 Worm:Win32/Hamweq.A
NOD32 4327 2009.08.11 a variant of Win32/Injector.VW[/B]
Norman 6.01.09 2009.08.11 -
[B]nProtect 2009.1.8.0 2009.08.12 Trojan/W32.Agent.37376.DG
Panda 10.0.0.14 2009.08.11 Trj/Buzus.HA[/B]
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
[B]Rising 21.42.20.00 2009.08.12 Worm.Win32.DownLoader.ic[/B]
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
[B]Symantec 1.4.4.12 2009.08.12 Suspicious.MH690.A[/B]
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 -
[B]VBA32 3.12.10.9 2009.08.12 Trojan.Win32.Buzus.brxz[/B]
ViRobot 2009.8.12.1880 2009.08.12 -
VirusBuster 4.6.5.0 2009.08.11 -[/CODE]
Additional information
File size: 37376 bytes
MD5...: d52d7b632dec3a89bc96a91b506dfa7e
SHA1..: 0f8b0b0258548ee0b04fd2e6fa516abf1f3ca5b3
SHA256: 2f31696cd9938d12b3cd436828faa5499790fed4d535158eb90e6a71dea0a4d4
ssdeep: 384:jqyuzDkUySFy8yoXVbft55r74rr7JPy+DQtlawEAzyvvZQtdogXr+giT2p2B
azXw:jAM8yoXV7T5rM4Gw5yvvEj7mPBazXw3
PEiD..: -
File svchos.exe received on 2009.08.12 07:11:18 (UTC)
Current status: finished
Result: 20/40 (50.00%)
[CODE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.12 Trojan.Win32.Refroso!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
[B]Antiy-AVL 2.0.3.7 2009.08.12 Worm/Win32.Carrier.gen
Authentium 5.1.2.4 2009.08.12 W32/Injector.J.gen!Eldorado
Avast 4.8.1335.0 2009.08.11 Win32:PoisonIvy-IT
AVG 8.5.0.406 2009.08.12 Generic14.PND[/B]
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.12 -
ClamAV 0.94.1 2009.08.12 -
Comodo 1951 2009.08.12 -
[B]DrWeb 5.0.0.12182 2009.08.12 Trojan.MulDrop.30762[/B]
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6672 2009.08.11 -
[B]F-Prot 4.4.4.56 2009.08.11 W32/Injector.J.gen!Eldorado[/B]
F-Secure 8.0.14470.0 2009.08.12 -
[B]Fortinet 3.120.0.0 2009.08.12 PossibleThreat
GData 19 2009.08.12 Win32:PoisonIvy-IT
Ikarus T3.1.1.64.0 2009.08.12 Trojan.Win32.Refroso
Jiangmin 11.0.800 2009.08.12 Trojan/Refroso.eh
K7AntiVirus 7.10.816 2009.08.11 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2009.08.12 -
[B]McAfee 5706 2009.08.11 Backdoor-EBM
McAfee+Artemis 5706 2009.08.11 Backdoor-EBM[/B]
McAfee-GW-Edition 6.8.5 2009.08.11 -
[B]Microsoft 1.4903 2009.08.12 VirTool:Win32/Injector.gen!AC
NOD32 4327 2009.08.11 probably a variant of Win32/Injector.VD[/B]
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
[B]Panda 10.0.0.14 2009.08.11 Generic Malware[/B]
PCTools 4.4.2.0 2009.08.11 -
Rising 21.42.20.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.12 Cryp_Neb-2
VBA32 3.12.10.9 2009.08.12 Trojan.Win32.Refroso.btv
ViRobot 2009.8.12.1880 2009.08.12 Trojan.Win32.Downloader.26624.ED[/B]
VirusBuster 4.6.5.0 2009.08.11 -[/CODE]
Additional information
File size: 68608 bytes
MD5 : 2329293297b6b593981e12b4877fe167
SHA1 : 009fc124ae022b41b3d0ba92a64c039ffbfb8be1
SHA256: 9f555faa47a4452529402049514296212ae498a2583dc7cb1aa953e04e441008
PEInfo: PE Structure information
File djdgfjdjd.exe received on 2009.08.12 07:15:19 (UTC)
Current status:
Result: 3/41 (7.32%)
[CODE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.12 -
AhnLab-V3 5.0.0.2 2009.08.11 -
AntiVir 7.9.1.0 2009.08.11 -
Antiy-AVL 2.0.3.7 2009.08.12 -
Authentium 5.1.2.4 2009.08.12 -
Avast 4.8.1335.0 2009.08.11 -
AVG 8.5.0.406 2009.08.12 -
BitDefender 7.2 2009.08.12 -
[B]CAT-QuickHeal 10.00 2009.08.12 Trojan.Agent.ATV[/B]
ClamAV 0.94.1 2009.08.12 -
Comodo 1951 2009.08.12 -
DrWeb 5.0.0.12182 2009.08.12 -
[B]eSafe 7.0.17.0 2009.08.11 Suspicious File[/B]
eTrust-Vet 31.6.6672 2009.08.11 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.12 -
Fortinet 3.120.0.0 2009.08.12 -
GData 19 2009.08.12 -
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.12 -
K7AntiVirus 7.10.816 2009.08.11 -
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
[B]McAfee+Artemis 5706 2009.08.11 Suspect-29!1CE551A37CBC[/B]
McAfee-GW-Edition 6.8.5 2009.08.11 -
Microsoft 1.4903 2009.08.12 -
NOD32 4327 2009.08.11 -
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.21.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
Symantec 1.4.4.12 2009.08.12 -
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 -
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.12.1880 2009.08.12 -
VirusBuster 4.6.5.0 2009.08.11 -[/CODE]
Additional information
File size: 32768 bytes
MD5...: 1ce551a37cbc38a1c151b014cc526bc6
SHA1..: 4b1299a4e892764be130ed56e1fbcc2edb797188
SHA256: 79eaa20b688609ce419d3411f07c5d6e1c675d80cfffdeed3acc3598423ed230
ssdeep: 768:C52qyKxcia7J37AepFr7RYt4zFWfbMIFCET18AM:e2qyK6nJ3TpvWzt7p8AM
PEiD..: -
-
File sdra64.exe received on 2009.08.12 11:36:21 (UTC)
Antivirus Version Last Update Result
[CODE]a-squared 4.5.0.24 2009.08.12 -
[B]AhnLab-V3 5.0.0.2 2009.08.12 Win-Trojan/Zbot.90624.D
AntiVir 7.9.1.0 2009.08.12 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2009.08.12 Trojan/Win32.Bancos.gen[/B]
Authentium 5.1.2.4 2009.08.12 -
[B]Avast 4.8.1335.0 2009.08.11 Win32:Wali
AVG 8.5.0.406 2009.08.12 Win32/Cryptor[/B]
BitDefender 7.2 2009.08.12 -
[B]CAT-QuickHeal 10.00 2009.08.12 TrojanBanker.Bancos.ezp[/B]
ClamAV 0.94.1 2009.08.12 -
Comodo 1953 2009.08.12 -
[B]DrWeb 5.0.0.12182 2009.08.12 Trojan.PWS.Panda.122[/B]
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6673 2009.08.12 -
F-Prot 4.4.4.56 2009.08.11 -
F-Secure 8.0.14470.0 2009.08.12 -
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 Win32:Wali[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.12 -
[B]K7AntiVirus 7.10.816 2009.08.11 Trojan-Banker.Win32.Bancos.ezp[/B]
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
[B]McAfee+Artemis 5706 2009.08.11 Suspect-29!662BCDC96EE8
McAfee-GW-Edition 6.8.5 2009.08.12 Trojan.Crypt.ZPACK.Gen
Microsoft 1.4903 2009.08.12 PWS:Win32/Zbot.gen!R
NOD32 4328 2009.08.12 Win32/Spy.Zbot.TY[/B]
Norman 6.01.09 2009.08.11 -
nProtect 2009.1.8.0 2009.08.12 -
Panda 10.0.0.14 2009.08.11 -
PCTools 4.4.2.0 2009.08.11 -
Prevx 3.0 2009.08.12 -
Rising 21.42.23.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
[B]Sunbelt 3.2.1858.2 2009.08.12 Trojan-Downloader.Tibs.gen (v)
Symantec 1.4.4.12 2009.08.12 Packed.Generic.232[/B]
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 -
[B]VBA32 3.12.10.9 2009.08.12 Trojan-Banker.Win32.Bancos.ezp[/B]
ViRobot 2009.8.12.1881 2009.08.12 -
VirusBuster 4.6.5.0 2009.08.11 -[/CODE]
Additional information
File size: 283136 bytes
MD5...: 662bcdc96ee813d04c7e6fb08534f079
SHA1..: 9c33adfdfcb435e46192c8823ae64170deb6c338
SHA256: f02ea121555317f95bd3dcccef51176b6ba4641314593d9b889f50528ced8f17
ssdeep: 6144:SNp5OsvTSj21dL7J3egClQBq0cP6amj+aLWxM8VSwtpHzN9DM:+OceO06Bn
amjcxMAtpTNdM
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
-
File avz00003.dta received on 2009.08.12 15:43:13 (UTC)
Current status: finished
Result: 15/41 (36.59%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.12 -
[B]AhnLab-V3 5.0.0.2 2009.08.12 Win-Trojan/SpamMailer.27525[/B]
AntiVir 7.9.1.0 2009.08.12 -
Antiy-AVL 2.0.3.7 2009.08.12 -
Authentium 5.1.2.4 2009.08.12 -
[B]Avast 4.8.1335.0 2009.08.12 Win32:Trojan-gen {Other}
AVG 8.5.0.406 2009.08.12 Win32/Heur[/B]
BitDefender 7.2 2009.08.12 -
CAT-QuickHeal 10.00 2009.08.12 -
ClamAV 0.94.1 2009.08.12 -
[B]Comodo 1955 2009.08.12 UnclassifiedMalware
DrWeb 5.0.0.12182 2009.08.12 Trojan.MulDrop.33201[/B]
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6673 2009.08.12 -
F-Prot 4.4.4.56 2009.08.12 -
F-Secure 8.0.14470.0 2009.08.12 -
[B]Fortinet 3.120.0.0 2009.08.12 PossibleThreat
GData 19 2009.08.12 Win32:Trojan-gen {Other}[/B]
Ikarus T3.1.1.64.0 2009.08.12 -
Jiangmin 11.0.800 2009.08.12 -
[B]K7AntiVirus 7.10.817 2009.08.12 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2009.08.12 -
McAfee 5706 2009.08.11 -
[B]McAfee+Artemis 5706 2009.08.11 Artemis!CB074F6549DA[/B]
McAfee-GW-Edition 6.8.5 2009.08.12 -
[B]Microsoft 1.4903 2009.08.12 Trojan:Win32/Meredrop
NOD32 4329 2009.08.12 a variant of Win32/Wigon.LW[/B]
Norman 6.01.09 2009.08.12 -
[B]nProtect 2009.1.8.0 2009.08.12 Trojan/W32.Agent.27525.B
Panda 10.0.0.14 2009.08.11 Suspicious file[/B]
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.12 -
Rising 21.42.23.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
Sunbelt 3.2.1858.2 2009.08.12 -
[B]Symantec 1.4.4.12 2009.08.12 Trojan Horse[/B]
TheHacker 6.3.4.3.381 2009.08.11 -
TrendMicro 8.950.0.1094 2009.08.12 -
VBA32 3.12.10.9 2009.08.12 -
[B]ViRobot 2009.8.12.1881 2009.08.12 Dropper.Agent.27526[/B]
VirusBuster 4.6.5.0 2009.08.12 -[/QUOTE]
Additional information
File size: 27525 bytes
MD5...: cb074f6549dadd76904adcb6f509024c
SHA1..: 484a209b1c3e43d27d2089713fa34167a8f67510
SHA256: 469c7ce301e82a12c8736480b2dea062cc2c28756b37be73e67caa56460ddea7
ssdeep: 384:/0sk4SQSkBwgyn9MdwjFZ6CrcSdFWj3dAW4hd2NgMyOb2rg8kk//+fQceVFb
RgnO:/0sqR/jFZ1rPCrdvNgM4wkefQhbRgTp8
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/469c7ce301e82a12c8736480b2dea062cc2c28756b37be73e67caa56460ddea7-1250091793[/url]
File jrsfzxgd.exe received on 2009.08.12 16:15:51 (UTC)
Current status: finished
Result: 25/41 (60.98%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.12 Trojan-Proxy.Win32.Verind!IK
AhnLab-V3 5.0.0.2 2009.08.12 Win-Trojan/amGfauxhsX.5120
AntiVir 7.9.1.0 2009.08.12 BDS/Backdoor.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.12 -
[B]Authentium 5.1.2.4 2009.08.12 W32/Trojan-Sml-SDCW!Eldorado[/B]
Avast 4.8.1335.0 2009.08.12 -
[B]AVG 8.5.0.406 2009.08.12 Generic13.CADV
BitDefender 7.2 2009.08.12 Gen:Trojan.Heur.PT.amGfaK!uLCl
CAT-QuickHeal 10.00 2009.08.12 Trojan.Agent.ATV[/B]
ClamAV 0.94.1 2009.08.12 -
Comodo 1955 2009.08.12 -
[B]DrWeb 5.0.0.12182 2009.08.12 Trojan.Proxy.origin
eSafe 7.0.17.0 2009.08.11 Suspicious File
eTrust-Vet 31.6.6673 2009.08.12 Win32/Fifibe!generic
F-Prot 4.4.4.56 2009.08.12 W32/Trojan-Sml-SDCW!Eldorado
F-Secure 8.0.14470.0 2009.08.12 Suspicious:W32/Malware!Gemini[/B]
Fortinet 3.120.0.0 2009.08.12 -
[B]GData 19 2009.08.12 Gen:Trojan.Heur.PT.amGfaK!uLCl
Ikarus T3.1.1.64.0 2009.08.12 Trojan-Proxy.Win32.Verind[/B]
Jiangmin 11.0.800 2009.08.12 -
[B]K7AntiVirus 7.10.817 2009.08.12 Virus.Win32.Sality.AA
Kaspersky 7.0.0.125 2009.08.12 Heur.Trojan.Generic[/B]
McAfee 5706 2009.08.11 -
[B]McAfee+Artemis 5706 2009.08.11 Suspect-29!0C87865D034A[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.12 Heuristic.LooksLike.Win32.Suspicious.H!81[/B]
[B]Microsoft 1.4903 2009.08.12 TrojanProxy:Win32/Verind.A
NOD32 4329 2009.08.12 a variant of Win32/Small.BB
Norman 6.01.09 2009.08.12 W32/Malware[/B]
nProtect 2009.1.8.0 2009.08.12 -
[B]Panda 10.0.0.14 2009.08.12 Trj/Downloader.MDW[/B]
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.12 -
Rising 21.42.23.00 2009.08.12 -
Sophos 4.44.0 2009.08.12 -
[B]Sunbelt 3.2.1858.2 2009.08.12 BehavesLike.Win32.Malware (v)
Symantec 1.4.4.12 2009.08.12 Backdoor.Trojan[/B]
TheHacker 6.3.4.3.381 2009.08.11 -
[B]TrendMicro 8.950.0.1094 2009.08.12 PAK_Generic.001[/B]
VBA32 3.12.10.9 2009.08.12 -
ViRobot 2009.8.12.1881 2009.08.12 -
VirusBuster 4.6.5.0 2009.08.12 -[/QUOTE]
Additional information
File size: 5120 bytes
MD5...: 0c87865d034ab936b0be86532f5b4300
SHA1..: 69b3b452008de61d4cb08e43d999d2e52e90dc3f
SHA256: eb4f25b6c964065da80fe52d805d6723dfcd7a7474ebb4bfafa5baa9995ad2b0
ssdeep: 96:QQXJ8vfYA2/NU3az+pKM+kYgXMHP1AfEheKCR:9uIA2nz+8MxnaWfeeP
PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
TrID..: File type identification
Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/eb4f25b6c964065da80fe52d805d6723dfcd7a7474ebb4bfafa5baa9995ad2b0-1250093751[/url]
-
File i.php received on 2009.08.13 11:38:44 (UTC)
Current status: finished
Result: 6/41 (14.64%)
[QUOTE]a-squared 4.5.0.24 2009.08.13 -
AhnLab-V3 5.0.0.2 2009.08.12 -
[B]AntiVir 7.9.1.1 2009.08.13 EXP/SWF.28992[/B]
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
[B]Avast 4.8.1335.0 2009.08.12 SWF:Downloader-G[/B]
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1964 2009.08.13 -
[B]DrWeb 5.0.0.12182 2009.08.13 Exploit.SWF.115[/B]
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.12 -
F-Secure 8.0.14470.0 2009.08.13 -
Fortinet 3.120.0.0 2009.08.13 -
[B]GData 19 2009.08.13 SWF:Downloader-G[/B]
Ikarus T3.1.1.64.0 2009.08.13 -
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 -
McAfee 5707 2009.08.12 -
McAfee+Artemis 5707 2009.08.12 -
[B]McAfee-GW-Edition 6.8.5 2009.08.13 Exploit.SWF.28992[/B]
[B]Microsoft 1.4903 2009.08.13 TrojanDownloader:Win32/Swif.I[/B]
NOD32 4331 2009.08.13 -
Norman 6.01.09 2009.08.12 -
nProtect 2009.1.8.0 2009.08.13 -
Panda 10.0.0.14 2009.08.12 -
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 -
Rising 21.42.32.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -[/QUOTE]
Additional information
File size: 8235 bytes
MD5...: 8fc7f1182c56f9508ae27fdfd1b7f0cc
SHA1..: 403fa78b76444d091fecfb910f72a79d36ed290d
SHA256: 1f72afd5b2093d0eb198415d11f1408b434a213d0c874cbeb5df5e4e18302c60
ssdeep: 192:e4rET07JrqSTMiK0MqnFcf37sLRHr2C0cT7ZgR33Oz/tgUYwKEK+v2X/jwN:
ewasrqIg016oLRHrn7ZRtk62vcN
PEiD..: -
TrID..: File type identification
GZipped File (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (F-Prot): packed
[size="1"][color="#666686"][B][I]Added after 44 minutes[/I][/B][/color][/size]
joiner
File RJoiner_private.exe received on 2009.08.13 12:31:33 (UTC)
Current status: finished
Result: 27/41 (65.86%)
[QUOTE][B]a-squared 4.5.0.24 2009.08.13 Trojan.MulDrop!IK[/B]
[B]AhnLab-V3 5.0.0.2 2009.08.13 Win-Trojan/Xema.variant[/B]
[B]AntiVir 7.9.1.1 2009.08.13 SPR/Tool.MultiDrop[/B]
Antiy-AVL 2.0.3.7 2009.08.13 -
[B]Authentium 5.1.2.4 2009.08.13 W32/Dropper.EIT[/B]
[B]Avast 4.8.1335.0 2009.08.12 Win32:Tiny-NX[/B]
[B]AVG 8.5.0.406 2009.08.13 Dropper.Generic.AIJY[/B]
[B]BitDefender 7.2 2009.08.13 Trojan.Generic.199723[/B]
CAT-QuickHeal 10.00 2009.08.13 -
[B]ClamAV 0.94.1 2009.08.13 Trojan.Dropper-3804[/B]
[B]Comodo 1964 2009.08.13 UnclassifiedMalware[/B]
[B]DrWeb 5.0.0.12182 2009.08.13 Trojan.MulDrop.8198[/B]
[B]eSafe 7.0.17.0 2009.08.11 Win32.Banker[/B]
eTrust-Vet 31.6.6675 2009.08.13 -
[B]F-Prot 4.4.4.56 2009.08.13 W32/Dropper.EIT[/B]
[B]F-Secure 8.0.14470.0 2009.08.13 Suspicious:W32/Malware!Gemini[/B]
Fortinet 3.120.0.0 2009.08.13 -
[B]GData 19 2009.08.13 Trojan.Generic.199723[/B]
[B]Ikarus T3.1.1.64.0 2009.08.13 Trojan.MulDrop[/B]
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 -
[B]McAfee 5707 2009.08.12 Generic.dx[/B]
[B]McAfee+Artemis 5707 2009.08.12 Generic.dx[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.13 Trojan.Crypt.XPACK.Gen[/B]
[B]Microsoft 1.4903 2009.08.13 Trojan:Win32/Meredrop[/B]
[B]NOD32 4331 2009.08.13 a variant of Win32/TrojanDropper.Rjoin[/B]
Norman 6.01.09 2009.08.13 -
[B]nProtect 2009.1.8.0 2009.08.13 Trojan/W32.Agent.588303[/B]
[B]Panda 10.0.0.14 2009.08.12 Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.12 -
[B]Prevx 3.0 2009.08.13 High Risk System Back Door[/B]
Rising 21.42.33.00 2009.08.13 -
[B]Sophos 4.44.0 2009.08.13 Mal/Generic-A[/B]
Sunbelt 3.2.1858.2 2009.08.13 -
[B]Symantec 1.4.4.12 2009.08.13 Backdoor.Sdbot[/B]
TheHacker 6.3.4.3.383 2009.08.13 -
[B]TrendMicro 8.950.0.1094 2009.08.13 Possible_Mlwr-13[/B]
[B]VBA32 3.12.10.9 2009.08.13 suspected of Embedded.Trojan-Dropper.Win32.Tiny.o[/B]
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -[/QUOTE]
Additional information
File size: 588303 bytes
MD5...: 7f2a61a3c87402f7d3d18f8564051cd7
SHA1..: e17016f2cee2c688259e8a58687399987110518f
SHA256: 817279550d79e52b18af29b25fce85bbc4bb57fbea1c61fd94adc5ec9b253877
ssdeep: 6144:320hO6kwpKJe+nqRv6BcWTUvZnpW0FW5VuYtX0G3ouODXxAQR5uC4z3u:32
XgwSQoZnpTFWLuYyG8DXhRUC4Lu
PEiD..: Armadillo v1.71
TrID..: File type identification
Generic Win/DOS Executable (50.0%)
DOS Executable Generic (49.9%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x276c
timedatestamp.....: 0x45aa46c1 (Sun Jan 14 15:05:37 2007)
machinetype.......: 0x14c (I386)
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=9BD3B07C0FF9C632FA5B082CBC683B00DE66270C[/url]
-
The village council again
File advapi3.dll received on 2009.08.13 13:35:56 (UTC)
Current status: finished
Result: 14/41 (34.15%)
[QUOTE]Antivirus Version Last Update Result
[B]a-squared 4.5.0.24 2009.08.13 Trojan.Win32.Smardf!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.13 -
[B]AntiVir 7.9.1.1 2009.08.13 DR/Delphi.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
Avast 4.8.1335.0 2009.08.12 -
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1965 2009.08.13 -
[B]DrWeb 5.0.0.12182 2009.08.13 Trojan.Siggen.3294[/B]
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
[B]F-Secure 8.0.14470.0 2009.08.13 Trojan.Win32.Smardf.jxm[/B]
Fortinet 3.120.0.0 2009.08.13 -
GData 19 2009.08.13 -
[B]Ikarus T3.1.1.64.0 2009.08.13 Trojan.Win32.Smardf[/B]
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
[B]Kaspersky 7.0.0.125 2009.08.13 Trojan.Win32.Smardf.jxm[/B]
McAfee 5707 2009.08.12 -
[B]McAfee+Artemis 5707 2009.08.12 Artemis!33508D9EBC8C[/B]
[B]McAfee-GW-Edition 6.8.5 2009.08.13 Heuristic.BehavesLike.Win32.Dropper.B
Microsoft 1.4903 2009.08.13 TrojanDropper:Win32/Boaxxe.G[/B]
NOD32 4332 2009.08.13 -
[B]Norman 6.01.09 2009.08.13 W32/DLoader.TDST
nProtect 2009.1.8.0 2009.08.13 Trojan/W32.Smardf.124416.D
Panda 10.0.0.14 2009.08.12 Generic Trojan[/B]
PCTools 4.4.2.0 2009.08.12 -
[B]Prevx 3.0 2009.08.13 High Risk Fraudulent Security Program[/B]
Rising 21.42.34.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
[B]Symantec 1.4.4.12 2009.08.13 Downloader[/B]
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -[/QUOTE]
Additional information
File size: 124416 bytes
MD5...: 33508d9ebc8cf3c04dc2b310027f28a5
SHA1..: 6416dfb7bdf8588b2f3b1c58be098b345cc7a048
SHA256: faf58e0a62a38e9f2cd77811d9a5806fd2e69099f38bca8b6ff137c660144530
ssdeep: 1536:wIq+E53FXSNRPV+w8hcqLNhrgIvNSFC/6MIvcg9BkQmwTvaDTfNWtHiG7E9
6RXUg:PaFCNRPV+wycOSFNmwTvaDUHFELS9xcC
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/faf58e0a62a38e9f2cd77811d9a5806fd2e69099f38bca8b6ff137c660144530-1250170556[/url]
File eng_1_.htm received on 2009.08.13 13:43:21 (UTC)
Current status: finished
Result: 10/41 (24.4%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.13 -
AhnLab-V3 5.0.0.2 2009.08.13 -
[B]AntiVir 7.9.1.1 2009.08.13 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
[B]Avast 4.8.1335.0 2009.08.12 JS:Packed-AL[/B]
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1965 2009.08.13 -
DrWeb 5.0.0.12182 2009.08.13 -
eSafe 7.0.17.0 2009.08.11 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
[B]F-Secure 8.0.14470.0 2009.08.13 Trojan-Downloader.JS.Iframe.aey[/B]
Fortinet 3.120.0.0 2009.08.13 -
[B]GData 19 2009.08.13 JS:Packed-AL[/B]
Ikarus T3.1.1.64.0 2009.08.13 -
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
[B]Kaspersky 7.0.0.125 2009.08.13 Trojan-Downloader.JS.Iframe.aey
McAfee 5707 2009.08.12 JS/Generic Exploit.j
McAfee+Artemis 5707 2009.08.12 JS/Generic Exploit.j[/B]
McAfee-GW-Edition 6.8.5 2009.08.13 Heuristic.BehavesLike.JS.Suspicious.B
[B]Microsoft 1.4903 2009.08.13 VirTool:JS/Obfuscator.H[/B]
NOD32 4332 2009.08.13 -
Norman 6.01.09 2009.08.13 -
nProtect 2009.1.8.0 2009.08.13 -
Panda 10.0.0.14 2009.08.12 -
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 -
Rising 21.42.34.00 2009.08.13 -
[B]Sophos 4.44.0 2009.08.13 Mal/ObfJS-M[/B]
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.12 -[/QUOTE]
Additional information
File size: 6470 bytes
MD5...: c2fb62a36f5f24c948b04abf6859844c
SHA1..: d2190eeff2f6d12a467c4c26ebb2e5c5568a817c
SHA256: 06f5f5ec59ab5cf89f42697f798ab978b2e6534dcbe47faf86c9453dec22fb22
ssdeep: 192:EnQCHz9CJ5NrZjkjDmPTC9iJoNA+p8qVdd:af9CJ5N9lPx2G+p8c
PEiD..: -
TrID..: File type identification
HyperText Markup Language (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
[url]http://www.virustotal.com/ru/analisis/06f5f5ec59ab5cf89f42697f798ab978b2e6534dcbe47faf86c9453dec22fb22-1250171001[/url]
File ntfs.sys.000 received on 2009.08.13 14:25:56 (UTC)
Current status: finished
Result: 8/41 (19.52%)
[QUOTE]Antivirus Version Last Update Result
a-squared 4.5.0.24 2009.08.13 -
AhnLab-V3 5.0.0.2 2009.08.13 -
[B]AntiVir 7.9.1.1 2009.08.13 RKIT/Kobcka.Patched.A[/B]
Antiy-AVL 2.0.3.7 2009.08.13 -
Authentium 5.1.2.4 2009.08.13 -
Avast 4.8.1335.0 2009.08.12 -
[B]AVG 8.5.0.406 2009.08.13 Rootkit-Pakes.M
BitDefender 7.2 2009.08.13 Rootkit.Kobcka.Patched.A[/B]
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.13 -
Comodo 1965 2009.08.13 -
[B]DrWeb 5.0.0.12182 2009.08.13 BackDoor.Bulknet.404[/B]
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
F-Secure 8.0.14470.0 2009.08.13 -
Fortinet 3.120.0.0 2009.08.13 -
[B]GData 19 2009.08.13 Rootkit.Kobcka.Patched.A[/B]
Ikarus T3.1.1.64.0 2009.08.13 -
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
Kaspersky 7.0.0.125 2009.08.13 -
McAfee 5707 2009.08.12 -
[B]McAfee+Artemis 5707 2009.08.12 Suspect-29!93913FEC6578
McAfee-GW-Edition 6.8.5 2009.08.13 Rootkit.Kobcka.Patched.A
Microsoft 1.4903 2009.08.13 VirTool:WinNT/Cutwail.L[/B]
NOD32 4332 2009.08.13 -
Norman 6.01.09 2009.08.13 -
nProtect 2009.1.8.0 2009.08.13 -
Panda 10.0.0.14 2009.08.12 -
PCTools 4.4.2.0 2009.08.12 -
Prevx 3.0 2009.08.13 -
Rising 21.42.34.00 2009.08.13 -
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
Symantec 1.4.4.12 2009.08.13 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.13 -[/QUOTE]
Additional information
File size: 619200 bytes
MD5...: 93913fec6578aecc929563dab3e5e428
SHA1..: c90fd4bbb015884b90ce927c24558f8714ae1857
SHA256: b6ab9a961f1d0a473e4b73ea60dd65fa4fcf4d2fe5672f02f4419792b4f32748
ssdeep: 6144:FYvlJCuNJ3Loj+sr/rwFSrS8yXtiwOxHzlxFR0Pd4s3BSCx4PTaQrkvH0jp
d7cXR:yJCC+H+SO8gdoEBRSCyba8PjkX4VU
PEiD..: -
TrID..: File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/b6ab9a961f1d0a473e4b73ea60dd65fa4fcf4d2fe5672f02f4419792b4f32748-1250173556[/url]
Файл ScbData.exe получен 2009.08.13 14:29:39 (UTC)
Текущий статус: закончено
Результат: 30/41 (73.18%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.24 2009.08.13 Backdoor.Win32.Hupigon!IK
AhnLab-V3 5.0.0.2 2009.08.13 Win-Trojan/Hupigon.502784.Y
AntiVir 7.9.1.1 2009.08.13 BDS/Hupigon.MY.19[/B]
Antiy-AVL 2.0.3.7 2009.08.13 -
[B]Authentium 5.1.2.4 2009.08.13 W32/Agent.GMB[/B]
Avast 4.8.1335.0 2009.08.12 -
[B]AVG 8.5.0.406 2009.08.13 Win32/Heur
BitDefender 7.2 2009.08.13 Backdoor.Hupigon.MY
CAT-QuickHeal 10.00 2009.08.13 Trojan.Agent.ATV
ClamAV 0.94.1 2009.08.13 Trojan.PcClient-2361
Comodo 1965 2009.08.13 UnclassifiedMalware[/B]
DrWeb 5.0.0.12182 2009.08.13 -
[B]eSafe 7.0.17.0 2009.08.13 Win32.PcClient[/B]
eTrust-Vet 31.6.6675 2009.08.13 -
[B]F-Prot 4.4.4.56 2009.08.13 W32/Agent.GMB
F-Secure 8.0.14470.0 2009.08.13 Suspicious:W32/Malware!Gemini
Fortinet 3.120.0.0 2009.08.13 W32/HUPIGON.EAU!tr.bdr
GData 19 2009.08.13 Backdoor.Hupigon.MY
Ikarus T3.1.1.64.0 2009.08.13 Backdoor.Win32.Hupigon[/B]
Jiangmin 11.0.800 2009.08.13 -
[B]K7AntiVirus 7.10.817 2009.08.12 Trojan.Win32.Malware.1[/B]
Kaspersky 7.0.0.125 2009.08.13 -
[B]McAfee 5707 2009.08.12 BackDoor-AWQ.b
McAfee+Artemis 5707 2009.08.12 BackDoor-AWQ.b
McAfee-GW-Edition 6.8.5 2009.08.13 Heuristic.LooksLike.Trojan.Dropper.C[/B]
Microsoft 1.4903 2009.08.13 -
[B]NOD32 4332 2009.08.13 probably a variant of Win32/Delf
Norman 6.01.09 2009.08.13 W32/Packed_NsPack.I
nProtect 2009.1.8.0 2009.08.13 Backdoor/W32.Hupigon.502784
Panda 10.0.0.14 2009.08.12 Trj/Downloader.MDW
PCTools 4.4.2.0 2009.08.12 Packed/NSPack[/B]
Prevx 3.0 2009.08.13 -
Rising 21.42.34.00 2009.08.13 -
[B]Sophos 4.44.0 2009.08.13 Mal/Packer
Sunbelt 3.2.1858.2 2009.08.13 Packer.NSAnti.Gen (v)
Symantec 1.4.4.12 2009.08.13 Backdoor.Trojan
TheHacker 6.3.4.3.383 2009.08.13 W32/Behav-Heuristic-067
TrendMicro 8.950.0.1094 2009.08.13 BKDR_HUPIGON.EAU[/B]
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
[B]VirusBuster 4.6.5.0 2009.08.13 Packed/NSPack[/B][/QUOTE]
Дополнительная информация
File size: 502784 bytes
MD5...: 6d192a0924d1565097c9e0ef068031cf
SHA1..: cb225bedacd6d1b614a1557209e144563216d818
SHA256: 7bd1d8a97253193c2f73cfff4777622d126330104b755e2f07230b19ea490546
ssdeep: 6144:tO0eBeuipeiuhPlS1Ew5EUOKQ71Yk29Lu7W1Q55HiD+thm+grcqHEXIkwqJ
6wUvC:tO0eBEpe91li5wDos7WGSQAJ9HEw64v
PEiD..: NSPack 3.x -> Liu Xing Ping
TrID..: File type identification
Win32 EXE Yoda's Crypter (56.8%)
Win32 Executable Generic (18.2%)
Win32 Dynamic Link Library (generic) (16.2%)
Generic Win/DOS Executable (4.2%)
DOS Executable Generic (4.2%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/7bd1d8a97253193c2f73cfff4777622d126330104b755e2f07230b19ea490546-1250173779[/url]
Файл win_1_.jpg получен 2009.08.13 14:45:05 (UTC)
Текущий статус: закончено
Результат: 17/40 (42.5%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.24 2009.08.13 Exploit.Win32.DirektShow!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.13 -
[B]AntiVir 7.9.1.1 2009.08.13 EXP/DirektShow.A
Antiy-AVL 2.0.3.7 2009.08.13 Exploit/Win32.DirektShow
Authentium 5.1.2.4 2009.08.13 DirektShow.A[/B]
Avast 4.8.1335.0 2009.08.12 -
AVG 8.5.0.406 2009.08.13 -
BitDefender 7.2 2009.08.13 -
CAT-QuickHeal 10.00 2009.08.13 -
[B]ClamAV 0.94.1 2009.08.13 Trojan.Downloader.Fostrem
Comodo 1965 2009.08.13 TrojWare.Win32.Exploit.DirektShow.a[/B]
DrWeb 5.0.0.12182 2009.08.13 -
[B]eSafe 7.0.17.0 2009.08.13 Win32.Horse[/B]
eTrust-Vet 31.6.6675 2009.08.13 -
F-Prot 4.4.4.56 2009.08.13 -
[B]F-Secure 8.0.14470.0 2009.08.13 Exploit.Win32.DirektShow.a
Fortinet 3.120.0.0 2009.08.13 Data/MsVidCtl.A!exploit[/B]
GData 19 2009.08.13 -
[B]Ikarus T3.1.1.64.0 2009.08.13 Exploit.Win32.DirektShow[/B]
Jiangmin 11.0.800 2009.08.13 -
K7AntiVirus 7.10.817 2009.08.12 -
[B]Kaspersky 7.0.0.125 2009.08.13 Exploit.Win32.DirektShow.a
McAfee 5707 2009.08.12 Exploit-MSDirectShow.b
McAfee+Artemis 5707 2009.08.12 Exploit-MSDirectShow.b
McAfee-GW-Edition 6.8.5 2009.08.13 Downloader.Fostrem[/B]
Microsoft 1.4903 2009.08.13 -
NOD32 4332 2009.08.13 -
Norman 6.01.09 2009.08.13 -
nProtect 2009.1.8.0 2009.08.13 -
[B]Panda 10.0.0.14 2009.08.12 Exploit/DirektShow.A[/B]
PCTools 4.4.2.0 2009.08.12 -
[B]Rising 21.42.34.00 2009.08.13 Hack.Exploit.Win32.CVE-2008-0015.a[/B]
Sophos 4.44.0 2009.08.13 -
Sunbelt 3.2.1858.2 2009.08.13 -
[B]Symantec 1.4.4.12 2009.08.13 Downloader.Fostrem[/B]
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.13 -
VBA32 3.12.10.9 2009.08.13 -
ViRobot 2009.8.13.1883 2009.08.13 -
VirusBuster 4.6.5.0 2009.08.13 -[/QUOTE]
Дополнительная информация
File size: 63 bytes
MD5...: c26a70a02442035a7836c1f6d0a50bf0
SHA1..: 3f36e6c0deb823d0497c8c91f957c52b1de8addb
SHA256: a58e3a42daf56fa95d67a157b9c699e43e89e254bcc717ff04d9d19d1ffb40b4
ssdeep: 3:/5ltfRJLn:/7bln
PEiD..: -
TrID..: File type identification
Adobe PhotoShop Brush (49.3%)
BONK lossless/lossy audio compressor (49.3%)
Sybase iAnywhere database files (0.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[url]http://www.virustotal.com/ru/analisis/a58e3a42daf56fa95d67a157b9c699e43e89e254bcc717ff04d9d19d1ffb40b4-1250174705[/url]
-
I looked at a couple of the links that were on Twitter, encoded in BASE64
File body received on 2009.08.15 13:17:06 (UTC)
Current status: finished
Result: 5/41 (12.2%)
[QUOTE]a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
[B]Authentium 5.1.2.4 2009.08.14 W32/Heuristic-KPP!Eldorado[/B]
Avast 4.8.1335.0 2009.08.14 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1978 2009.08.14 -
DrWeb 5.0.0.12182 2009.08.15 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
[B]F-Prot 4.4.4.56 2009.08.14 W32/Heuristic-KPP!Eldorado[/B]
[B]F-Secure 8.0.14470.0 2009.08.15 Trojan-Banker.Win32.Banker.alwe[/B]
Fortinet 3.120.0.0 2009.08.15 -
GData 19 2009.08.15 -
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
[B]Kaspersky 7.0.0.125 2009.08.15 Trojan-Banker.Win32.Banker.alwa[/B]
McAfee 5709 2009.08.14 -
McAfee+Artemis 5709 2009.08.14 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.15 -
NOD32 4337 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
[B]Panda 10.0.0.14 2009.08.14 Suspicious file[/B]
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.14 -[/QUOTE]
Additional information
File size: 178792 bytes
MD5...: 1a81e69e65b75f8b9e72e94c6f86a52b
SHA1..: 41b6344da04df875368eb5f87e10c00df8e1ccbb
SHA256: 2d4af620b5ec07325927b78431835466575b72c4a616049ff58e2cef6e3091b7
ssdeep: 3072:ok2t51Sf3Y+O/8qkaQ7NuASq6fknbxqpQXUG3ijtCi95C2lbbISaCXkCtsF
dy:oH50PY+OkqkP7RYknbxJUG3ijx95hdUw
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): MIME.Broken, PE_Patch.UPX, UPX
packers (Authentium): base64, UPX
packers (F-Prot): base64, UPX
File body received on 2009.08.15 13:25:48 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE]a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
[B]Authentium 5.1.2.4 2009.08.14 W32/EmailRisk.A!Camelot[/B]
Avast 4.8.1335.0 2009.08.14 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1965 2009.08.14 -
DrWeb 5.0.0.12182 2009.08.15 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.14 -
[B]F-Secure 8.0.14470.0 2009.08.15 Trojan-Banker.Win32.Banker.alvx[/B]
Fortinet 3.120.0.0 2009.08.15 -
GData 19 2009.08.15 -
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
[B]Kaspersky 7.0.0.125 2009.08.15 Trojan-Banker.Win32.Banker.alww[/B]
McAfee 5709 2009.08.14 -
McAfee+Artemis 5709 2009.08.14 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.15 -
NOD32 4337 2009.08.15 -
Norman 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
[B]Panda 10.0.0.14 2009.08.14 Suspicious file[/B]
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.14 -[/QUOTE]
Additional information
File size: 180064 bytes
MD5...: a5051a6e5365bdc4dd8267e62d3e2902
SHA1..: 441a4a1e35582b7822e00ec88b453f4df6ace3ef
SHA256: 11f3b7d0ec11e9ea44f4d8a81860d9a5d63d38a95ee677044f20e0fcb52f8218
ssdeep: 3072:VTRPvNxJSWmo5SfI7NwQSWNAQ19wCQsBiYk+zYLrztb7D49huV1U81QQ:H9
l7eqAQ19NFiYk+zYdOs3B1Z
PEiD..: -
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Unknown!
packers (Kaspersky): MIME.Broken, MPRESS, PE_Patch.UPX, UPX
packers (F-Prot): base64, UPX
packers (Authentium): base64
-
Файл Book_4310.exe получен 2009.08.15 15:29:54 (UTC)
Текущий статус: закончено
Результат: 5/41 (12.2%)
[QUOTE]Антивирус Версия Обновление Результат
[B]a-squared 4.5.0.24 2009.08.15 Trojan-Downloader.Adload!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.15 -
[B]AntiVir 7.9.1.1 2009.08.14 ADSPY/AdSpy.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.14 -
Avast 4.8.1335.0 2009.08.14 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1978 2009.08.14 -
[B]DrWeb 5.0.0.12182 2009.08.15 Adware.FieryAds.22[/B]
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.14 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.15 -
GData 19 2009.08.15 -
[B]Ikarus T3.1.1.64.0 2009.08.15 Trojan-Downloader.Adload[/B]
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.15 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
[B]McAfee-GW-Edition 6.8.5 2009.08.15 Ad-Spyware.AdSpy.Gen[/B]
Microsoft 1.4903 2009.08.15 -
NOD32 4337 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.14 -[/QUOTE]
Дополнительная информация
File size: 2839109 bytes
MD5...: 8f009d05aaca2a4ac75084b7b57ffada
SHA1..: 4d51d689cf000b433979723828241563737d8833
SHA256: b612c33016c3cf543f666137056b4eec784d6a03d8a5ad7d6f4d48505a1b0494
ssdeep: 49152:jkBxIqMYEU9xgiczfxqBMcTUV+FQ1oXoi3O8FZE++PPIo0E3TfkT9Dvg2e
5E+B7F:gBxgxU9xSzfxqicTY++yXz3LFYPP4T5Y
PEiD..: ASProtect v1.23 RC1
TrID..: File type identification
Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
[url]http://www.virustotal.com/ru/analisis/b612c33016c3cf543f666137056b4eec784d6a03d8a5ad7d6f4d48505a1b0494-1250350194[/url]
-
And where can the statistics be viewed?
-
File l.phpfxe received on 2009.08.15 20:27:59 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE]a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
[B]AntiVir 7.9.1.1 2009.08.14 HTML/Crypted.Gen[/B]
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
[B]Avast 4.8.1335.0 2009.08.14 JS:Pdfka-KR[/B]
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.15 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1981 2009.08.15 -
DrWeb 5.0.0.12182 2009.08.15 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.15 -
[B]GData 19 2009.08.15 JS:Pdfka-KR[/B]
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.15 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
[B]McAfee-GW-Edition 6.8.5 2009.08.15 Heuristic.Script.Crypted[/B]
Microsoft 1.4903 2009.08.15 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.15 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.15 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.15 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.15 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -[/QUOTE]
Additional information
File size: 6338 bytes
MD5...: 6493f1bd8bad9ead58475a903fb0acbd
SHA1..: cceeda2aa8d80e10ea82a20e128f69ed7cba35f9
SHA256: cc7685a8bf3dd1c7b296b780a8f95a137b9349e2f28966c433ddbbe856ca8cc0
ssdeep: 192:0HpcC/qyYfyljhW2hhouZH0cbdnVTrwW11zTAkk:4pcCSyYfyljhlfoaH0cb
dnVTrwWjvxk
PEiD..: -
TrID..: File type identification
HyperText Markup Language with DOCTYPE (80.6%)
HyperText Markup Language (19.3%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
[size="1"][color="#666686"][B][I]Added after 6 hours 2 minutes[/I][/B][/color][/size]
2 porn banners
File mediamodule.wsf received on 2009.08.16 02:17:55 (UTC)
Current status: finished
Result: 0/41 (0%)
[QUOTE]a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.15 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.16 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 -
DrWeb 5.0.0.12182 2009.08.16 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.16 -
GData 19 2009.08.16 -
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.16 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.16 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -[/QUOTE]
Additional information
File size: 163339 bytes
MD5...: 38a583d21abe894867e4e04ec2412f45
SHA1..: a4a547c80482d147117c10bc5e07c5191cd9923f
SHA256: a80402d559067c18d6c55a192eba5275154af7b380324c3c16746da21ea07274
ssdeep: 3072:lJ436MPJeN8g/PVk+gS0vONH15XoYWJzRo+ZbPWDz/z/MtsMeKXURF7LlFw
RTJd:l67JeKp+gS0vONH15XoYWJ9zbWzDOsMV
PEiD..: -
TrID..: File type identification
Generic XML (ASCII) (100.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File msmedia.dll received on 2009.08.16 02:32:11 (UTC)
Current status: finished
Result: 6/41 (14.64%)
[QUOTE]a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
[B]AntiVir 7.9.1.1 2009.08.14 TR/BHO.cnd.11[/B]
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.15 -
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.16 -
[B]CAT-QuickHeal 10.00 2009.08.13 Trojan.BHO.xxx[/B]
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 -
DrWeb 5.0.0.12182 2009.08.16 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 -
Fortinet 3.120.0.0 2009.08.16 -
GData 19 2009.08.16 -
Ikarus T3.1.1.64.0 2009.08.15 -
[B]Jiangmin 11.0.800 2009.08.15 Trojan/BHO.hry[/B]
K7AntiVirus 7.10.819 2009.08.14 -
Kaspersky 7.0.0.125 2009.08.16 -
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
[B]McAfee-GW-Edition 6.8.5 2009.08.16 Trojan.BHO.cnd.11[/B]
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 -
[B]Panda 10.0.0.14 2009.08.15 Adware/WebSearch[/B]
PCTools 4.4.2.0 2009.08.15 -
[B]Prevx 3.0 2009.08.16 High Risk Fraudulent Security Program[/B]
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -[/QUOTE]
Additional information
File size: 12800 bytes
MD5...: 9b38d561fe668ab63e0235bb68376264
SHA1..: 04ed2910439896bc09e5c7faf664354db91eccb1
SHA256: cbee213f302d4f0a84d7649e26e0fe06335ea083b594f667752936ad1ca3ac16
ssdeep: 192:Ib0eptbbmhWFxl2s4+i2MLjcW6hxhMKQABdX/:IIefbbGWrgs4+i2MLD6hMK
ddv
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x268c
timedatestamp.....: 0x4a867db7 (Sat Aug 15 09:19:51 2009)
machinetype.......: 0x14c (I386)
Prevx info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=0691D61300E2C19432D600A18FC74800DB7C31AF[/url]
File datafeeder.wsf received on 2009.08.16 02:19:25 (UTC)
Current status: finished
Result: 4/41 (9.76%)
[QUOTE]a-squared 4.5.0.24 2009.08.15 -
AhnLab-V3 5.0.0.2 2009.08.15 -
AntiVir 7.9.1.1 2009.08.14 -
Antiy-AVL 2.0.3.7 2009.08.14 -
Authentium 5.1.2.4 2009.08.15 -
[B]Avast 4.8.1335.0 2009.08.15 JS:XmlPack-C[/B]
AVG 8.5.0.406 2009.08.15 -
BitDefender 7.2 2009.08.16 -
CAT-QuickHeal 10.00 2009.08.13 -
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 -
DrWeb 5.0.0.12182 2009.08.16 -
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
[B]F-Secure 8.0.14470.0 2009.08.15 Packed.JS.XMLPack.f[/B]
Fortinet 3.120.0.0 2009.08.16 -
[B]GData 19 2009.08.16 JS:XmlPack-C[/B]
Ikarus T3.1.1.64.0 2009.08.15 -
Jiangmin 11.0.800 2009.08.15 -
K7AntiVirus 7.10.819 2009.08.14 -
[B]Kaspersky 7.0.0.125 2009.08.16 Packed.JS.XMLPack.f[/B]
McAfee 5710 2009.08.15 -
McAfee+Artemis 5710 2009.08.15 -
McAfee-GW-Edition 6.8.5 2009.08.15 -
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 -
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 -
Panda 10.0.0.14 2009.08.15 -
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.16 -
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 -
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 -
TheHacker 6.3.4.3.383 2009.08.13 -
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 -
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 -[/QUOTE]
Additional information
File size: 105923 bytes
MD5...: fb046d8b30f072e14c2be00bf02ce751
SHA1..: 8f1bbc3f5a11c831d15f3cebacfeaf5f08e1ee49
SHA256: 46cbdd5d1679fa2da5baf46e7c7d4e5d57db32622ca3055d22e1d83b204758ab
ssdeep: 1536:n0x4jNBhowEwLXIEb8NDHe6qGUMO28uB60QbOC:n00dWDe
PEiD..: -
TrID..: File type identification
file seems to be plain text/ASCII (0.0%)
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set
-
File bpfeed.dll received on 2009.08.16 02:32:08 (UTC)
Current status: finished
Result: 29/41 (70.73%)
[QUOTE]a-squared 4.5.0.24 2009.08.15 [B]Trojan.Win32.BHO!IK[/B]
AhnLab-V3 5.0.0.2 2009.08.15 [B]Win-Trojan/Bho.12288.K[/B]
AntiVir 7.9.1.1 2009.08.14 [B] TR/BHO.cnd.11[/B]
Antiy-AVL 2.0.3.7 2009.08.14 [B]Trojan/Win32.BHO.gen[/B]
Authentium 5.1.2.4 2009.08.15 -
Avast 4.8.1335.0 2009.08.15 [B]Win32:Trojan-gen {Other}[/B]
AVG 8.5.0.406 2009.08.15 [B]Generic13.AVZX[/B]
BitDefender 7.2 2009.08.16 [B]Trojan.Generic.IS.591961[/B]
CAT-QuickHeal 10.00 2009.08.13 [B]Trojan.BHO.suf[/B]
ClamAV 0.94.1 2009.08.15 -
Comodo 1983 2009.08.16 [B]TrojWare.Win32.BHO.suf[/B]
DrWeb 5.0.0.12182 2009.08.16 [B]Trojan.Blackmailer.origin[/B]
eSafe 7.0.17.0 2009.08.13 -
eTrust-Vet 31.6.6678 2009.08.14 -
F-Prot 4.4.4.56 2009.08.15 -
F-Secure 8.0.14470.0 2009.08.15 [B]Trojan.Win32.BHO.suf[/B]
Fortinet 3.120.0.0 2009.08.16 [B]W32/BHO.SUF!tr[/B]
GData 19 2009.08.16 [B]Trojan.Generic.IS.591961[/B]
Ikarus T3.1.1.64.0 2009.08.15 [B]Trojan.Win32.BHO[/B]
Jiangmin 11.0.800 2009.08.15 [B]Trojan/BHO.gvz[/B]
K7AntiVirus 7.10.819 2009.08.14 [B]Trojan.Win32.BHO.suf[/B]
Kaspersky 7.0.0.125 2009.08.16 [B]Trojan.Win32.BHO.suf[/B]
McAfee 5710 2009.08.15 Ransom-J
McAfee+Artemis 5710 2009.08.15 Ransom-J
McAfee-GW-Edition 6.8.5 2009.08.16 [B]Trojan.BHO.cnd.11[/B]
Microsoft 1.4903 2009.08.16 -
NOD32 4338 2009.08.15 [B]Win32/Adware.Agent.NMG[/B]
Norman 6.01.09 2009.08.14 -
nProtect 2009.1.8.0 2009.08.16 [B]Trojan/W32.BHO.12288.H[/B]
Panda 10.0.0.14 2009.08.15 [B]Trj/CI.A[/B]
PCTools 4.4.2.0 2009.08.15 -
Prevx 3.0 2009.08.16 [B]High Risk Cloaked Malware[/B]
Rising 21.42.52.00 2009.08.15 -
Sophos 4.44.0 2009.08.16 [B]Troj/BHO-MQ[/B]
Sunbelt 3.2.1858.2 2009.08.15 -
Symantec 1.4.4.12 2009.08.16 [B] Adware.Gen[/B]
TheHacker 6.3.4.3.383 2009.08.13 [B]Trojan/BHO.suf[/B]
TrendMicro 8.950.0.1094 2009.08.14 -
VBA32 3.12.10.9 2009.08.15 [B]Trojan.Win32.BHO.suf[/B]
ViRobot 2009.8.14.1885 2009.08.14 -
VirusBuster 4.6.5.0 2009.08.15 [B]Trojan.BHO.VGM[/B][/QUOTE]
Additional information
File size: 12288 bytes
MD5 : f86854e5edd2f2a4eb730d1e59bd3154
SHA1 : bf2329a0f7f8de8b5632851852d52f155c091f35
SHA256: 5ff9068b7af8ddbdc2802ac1da44e95d5891e19834e8915c4e36cbfbb9bc94fb
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2515
timedatestamp.....: 0x4A0D3014 (Fri May 15 11:04:20 2009)
machinetype.......: 0x14C (Intel I386)
Prevx Info: [url]http://info.prevx.com/aboutprogramtext.asp?PX5=45EBB0520005B77B303E00FED32D4500FBF1DE36[/url]