
File that arrives named CONVITE.ZIP


SinT

Oct 19, 2009, 3:41:30 AM
Analysis of the file Convite.exe received on 2009.10.19 06:36:29 (UTC)
Antivirus engine Version Last update Result
a-squared 4.5.0.41 2009.10.19 Trojan.Win32.VB!IK
AhnLab-V3 5.0.0.2 2009.10.17 -
AntiVir 7.9.1.35 2009.10.18 TR/VB.xbi
Antiy-AVL 2.0.3.7 2009.10.16 -
Authentium 5.1.2.4 2009.10.18 -
Avast 4.8.1351.0 2009.10.18 -
AVG 8.5.0.420 2009.10.18 -
BitDefender 7.2 2009.10.19 -
CAT-QuickHeal 10.00 2009.10.18 -
ClamAV 0.94.1 2009.10.19 -
Comodo 2653 2009.10.19 -
DrWeb 5.0.0.12182 2009.10.18 -
eSafe 7.0.17.0 2009.10.18 Suspicious File
eTrust-Vet 35.1.7072 2009.10.16 -
F-Prot 4.5.1.85 2009.10.18 -
F-Secure 9.0.15300.0 2009.10.16 -
Fortinet 3.120.0.0 2009.10.16 -
GData 19 2009.10.19 -
Ikarus T3.1.1.72.0 2009.10.19 Trojan.Win32.VB
Jiangmin 11.0.800 2009.10.19 Worm/Kido.ru
K7AntiVirus 7.10.872 2009.10.16 -
Kaspersky 7.0.0.125 2009.10.19 Trojan.Win32.VB.xbi
McAfee 5775 2009.10.18 -
McAfee+Artemis 5775 2009.10.18 Artemis!6A18626DE9A7
McAfee-GW-Edition 6.8.5 2009.10.19 Heuristic.LooksLike.Trojan.Crypt.ZPACK.B
Microsoft 1.5101 2009.10.19 -
NOD32 4520 2009.10.18 -
Norman 6.03.02 2009.10.17 -
nProtect 2009.1.8.0 2009.10.18 -
Panda 10.0.2.2 2009.10.18 Suspicious file
PCTools 4.4.2.0 2009.10.18 -
Prevx 3.0 2009.10.19 -
Rising 21.52.00.00 2009.10.19 -
Sophos 4.46.0 2009.10.19 Mal/Generic-A
Sunbelt 3.2.1858.2 2009.10.18 -
Symantec 1.4.4.12 2009.10.19 -
TheHacker 6.5.0.2.046 2009.10.19 -
TrendMicro 8.950.0.1094 2009.10.19 -
VBA32 3.12.10.11 2009.10.18 -
ViRobot 2009.10.19.1991 2009.10.19 -
VirusBuster 4.6.5.0 2009.10.18 -

Additional information
File size: 99840 bytes
MD5...: 6a18626de9a7a44c9f1c8c17574598c2
SHA1..: 5932e93b248777b2c684145a5c3c7991593c5edc
SHA256: 8d8e5fc9c164632d60de6a789d64b1030abea7df4258b8645e87ededfd44b8a7
ssdeep: 3072:d8qb60Ph9wnTU2G8LIFwkAlK/lj2G4g1outJG:d8qbqNGQ+wksK9+g1oS
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x21590
timedatestamp.....: 0x4ad78e96 (Thu Oct 15 21:05:26 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0xa000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0xb000 0x18000 0x17200 7.99 ff9b006134bf3297794f4b308cf88573
.rsrc 0x23000 0x1000 0x1000 4.79 57bb3212a1f7e488972e1967fe50a24a

( 2 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> MSVBVM60.DLL: -

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
sigcheck:
publisher....: Mask Serv Syst_
copyright....: Mask Serv Syst_
product......: Mask Serv Syst_
description..: Mask Serv Syst_
original name: Convite.exe
internal name: Convite
file version.: 1.00
comments.....: Mask Serv Syst_
signers......: -
signing date.: -
verified.....: Unsigned
packers (Kaspersky): UPX
packers (F-Prot): UPX_LZMA

