Virustotal. MD5: 3a158263acfcd934ff2957a55c4f6b98

Virustotal is a service that analyzes suspicious
files and facilitates the quick detection of viruses,
worms, trojans, and all kinds of malware detected
by antivirus engines.
File htaedit.exe received on 2010.04.23 10:21:40 (UTC)
Current status: finished
Result: 0/40 (0.00%)
Antivirus          Version         Last Update  Result
a-squared          4.5.0.50        2010.04.23   -
AhnLab-V3          5.0.0.2         2010.04.23   -
AntiVir            8.2.1.220       2010.04.23   -
Antiy-AVL          2.0.3.7         2010.04.23   -
Authentium         5.2.0.5         2010.04.23   -
Avast              4.8.1351.0      2010.04.22   -
Avast5             5.0.332.0       2010.04.22   -
AVG                9.0.0.787       2010.04.23   -
BitDefender        7.2             2010.04.23   -
CAT-QuickHeal      10.00           2010.04.23   -
ClamAV             0.96.0.3-git    2010.04.23   -
Comodo             4669            2010.04.23   -
DrWeb              5.0.2.03300     2010.04.23   -
eSafe              7.0.17.0        2010.04.22   -
eTrust-Vet         35.2.7445       2010.04.23   -
F-Prot             4.5.1.85        2010.04.23   -
F-Secure           9.0.15370.0     2010.04.23   -
Fortinet           4.0.14.0        2010.04.21   -
GData              21              2010.04.23   -
Ikarus             T3.1.1.80.0     2010.04.23   -
Jiangmin           13.0.900        2010.04.23   -
Kaspersky          7.0.0.125       2010.04.23   -
McAfee             5.400.0.1158    2010.04.23   -
McAfee-GW-Edition  6.8.5           2010.04.23   -
Microsoft          1.5703          2010.04.23   -
NOD32              5052            2010.04.23   -
Norman             6.04.11         2010.04.23   -
nProtect           2010-04-23.01   2010.04.23   -
Panda              10.0.2.7        2010.04.22   -
PCTools            7.0.3.5         2010.04.23   -
Prevx              3.0             2010.04.23   -
Rising             22.44.04.03     2010.04.23   -
Sophos             4.53.0          2010.04.23   -
Sunbelt            6212            2010.04.23   -
Symantec           20091.2.0.41    2010.04.23   -
TheHacker          6.5.2.0.267     2010.04.22   -
TrendMicro         9.120.0.1004    2010.04.23   -
VBA32              3.12.12.4       2010.04.23   -
ViRobot            2010.4.23.2291  2010.04.23   -
VirusBuster        5.0.27.0        2010.04.22   -
Additional information
File size: 1332952 bytes
MD5   : 3a158263acfcd934ff2957a55c4f6b98
SHA1  : 8c6dae88b638650d63b049ffc69d9c7c7aa05372
SHA256: 89c3092961a93ae2fb0aac2871e835460bca7af5f459d464130d181780836013
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x96081
timedatestamp.....: 0x4BD16E07 (Fri Apr 23 11:53:11 2010)
machinetype.......: 0x14C (Intel I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xBB4BC 0xBB600 6.58 a4a6afd168745bfb22e934b38d3455d0
.rdata 0xBD000 0x3621A 0x36400 4.81 06cd8552c457790514bfac4f04fc338c
.data 0xF4000 0x9B18 0x4E00 4.77 9594f97f3d9cf62fe382a094e0193301
.rsrc 0xFE000 0x4D904 0x4DA00 5.62 f1db6ee55e358f9ce12ad34e832a3b11
( 14 imports )
> advapi32.dll: GetFileSecurityW, SetFileSecurityW, RegQueryValueW,
RegEnumKeyW, RegOpenKeyW, RegSetValueW, RegOpenKeyExA, RegQueryValueExA,
RegEnumValueW, RegDeleteValueW, RegCreateKeyExW, RegSetValueExW,
RegQueryInfoKeyW, RegDeleteKeyW, RegQueryValueExW, RegEnumKeyExW,
RegCloseKey, RegOpenKeyExW, RegCreateKeyW
> comdlg32.dll: GetFileTitleW
> crypt32.dll: CertCloseStore, CryptMsgClose, CertFreeCertificateContext,
CertFindCertificateInStore, CryptQueryObject, CryptMsgGetParam
> gdi32.dll: CreatePen, CreateSolidBrush, GetTextMetricsW, GetCharWidthW,
StretchDIBits, SetRectRgn, CombineRgn, GetMapMode, StartPage, EndPage,
AbortDoc, EndDoc, GetRgnBox, EnumFontFamiliesExW, CreateEllipticRgn, LPtoDP,
Ellipse, GetNearestColor, GetBkMode, GetPolyFillMode, GetROP2,
GetStretchBltMode, GetTextAlign, GetTextFaceW, GetTextExtentPoint32A,
GetWindowOrgEx, CreatePatternBrush, DeleteDC, ExtSelectClipRgn,
GetViewportOrgEx, ExtTextOutW, CreateFontW, GetDeviceCaps, Rectangle,
SetPixel, GetPixel, GetObjectW, GetStockObject, BitBlt,
CreateCompatibleBitmap, CreateCompatibleDC, SetAbortProc,
GetTextExtentPoint32W, GetCurrentPositionEx, ScaleWindowExtEx,
SetWindowExtEx, SetWindowOrgEx, ScaleViewportExtEx, SetViewportExtEx,
OffsetViewportOrgEx, SetViewportOrgEx, SelectObject, Escape, TextOutW,
RectVisible, PtVisible, StartDocW, GetWindowExtEx, GetViewportExtEx,
CreateRectRgn, SelectClipRgn, DeleteObject, SetTextAlign, MoveToEx, LineTo,
IntersectClipRect, ExcludeClipRect, SetMapMode, SetStretchBltMode, SetROP2,
SetPolyFillMode, SetBkMode, RestoreDC, SaveDC, CreateRectRgnIndirect,
CreateBitmap, SetBkColor, SetTextColor, GetClipBox, CreateDCW, CopyMetaFileW,
GetBkColor, CreateFontIndirectW, DPtoLP, GetTextColor, PatBlt
> kernel32.dll: ConvertDefaultLocale, GetCurrentThread, GetDiskFreeSpaceW,
GetProfileIntW, TlsGetValue, GlobalReAlloc, GlobalHandle, TlsAlloc,
TlsSetValue, LocalReAlloc, TlsFree, GlobalFlags, SetErrorMode,
FindResourceExW, GetCurrentDirectoryW, GetStartupInfoW,
GetSystemTimeAsFileTime, HeapAlloc, HeapFree, HeapReAlloc, RtlUnwind,
VirtualAlloc, EnumResourceLanguagesW, VirtualQuery, ExitProcess, GetFileType,
HeapSize, SetUnhandledExceptionFilter, FreeEnvironmentStringsW,
GetEnvironmentStringsW, GetCommandLineW, SetHandleCount, GetStartupInfoA,
HeapCreate, VirtualFree, QueryPerformanceCounter, UnhandledExceptionFilter,
IsDebuggerPresent, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage,
GetTimeZoneInformation, LCMapStringW, LCMapStringA, GetConsoleCP,
GetConsoleMode, InitializeCriticalSectionAndSpinCount, GetStringTypeA,
GetStringTypeW, GetLocaleInfoA, WriteConsoleA, GetConsoleOutputCP,
WriteConsoleW, GetProcessHeap, CreateFileA, SetEnvironmentVariableA,
CompareStringA, InterlockedExchange, VirtualProtect, GlobalGetAtomNameW,
GetShortPathNameW, GetFullPathNameW, GetVolumeInformationW, GetFileSize,
SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer,
GetStringTypeExW, GetThreadLocale, GetFileSizeEx, SetFileTime,
LocalFileTimeToFileTime, GetFileAttributesExW, FileTimeToLocalFileTime,
lstrlenA, lstrcmpA, GetPrivateProfileStringW, WritePrivateProfileStringW,
GetPrivateProfileIntW, GetCurrentProcessId, GetModuleHandleA,
GetCurrentThreadId, GlobalAddAtomW, GlobalFindAtomW, GlobalDeleteAtom,
CompareStringW, lstrcmpW, GetVersionExA, FreeResource, GlobalFree,
GlobalSize, LoadLibraryA, ExpandEnvironmentStringsA, GetExitCodeProcess,
ResumeThread, GlobalAlloc, GetTickCount, GlobalUnlock, GlobalLock,
LocalAlloc, SetEvent, CreateEventW, EndUpdateResourceW, UpdateResourceW,
BeginUpdateResourceW, MoveFileW, GetTempFileNameW, lstrcatW, lstrcpyW,
GetFileAttributesW, WideCharToMultiByte, SetCurrentDirectoryW,
GetModuleFileNameA, GetTempPathW, GetVersionExW, FindClose, DeleteFileW,
CompareFileTime, FileTimeToSystemTime, GetFileTime, CreateFileW,
SystemTimeToFileTime, GetSystemTime, GetComputerNameW,
InitializeCriticalSection, GetModuleFileNameW, RaiseException, lstrcmpiW,
InterlockedIncrement, LeaveCriticalSection, EnterCriticalSection, Sleep,
OpenProcess, LocalUnlock, LocalLock, ReadFile, CreateProcessW, MulDiv,
WriteFile, CloseHandle, DuplicateHandle, SetStdHandle, GetStdHandle,
FreeLibrary, EnumResourceNamesW, GetTimeFormatW, GetDateFormatW,
GetLocaleInfoW, GetCurrentProcess, TerminateProcess, WaitForSingleObject,
FindNextFileW, FindFirstFileW, TerminateThread, GetExitCodeThread,
CreateThread, ExpandEnvironmentStringsW, LoadLibraryExW, CopyFileW, lstrlenW,
MultiByteToWideChar, LocalFree, FormatMessageW, DeleteCriticalSection,
InterlockedDecrement, FindResourceW, LoadResource, LockResource,
SizeofResource, GetProcAddress, GetModuleHandleW, LoadLibraryW, GetLastError,
SetLastError, GetSystemInfo
> ole32.dll: StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes,
CoGetClassObject, CoDisconnectObject, DoDragDrop, OleGetClipboard,
RevokeDragDrop, CoLockObjectExternal, RegisterDragDrop, CLSIDFromString,
CLSIDFromProgID, OleInitialize, CoFreeUnusedLibraries, OleUninitialize,
OleDuplicateData, ReleaseStgMedium, CoWaitForMultipleHandles, CoCreateGuid,
CoTaskMemAlloc, CoTaskMemRealloc, CoTaskMemFree, CoSetProxyBlanket,
CoUninitialize, CoInitializeEx, StringFromGUID2, CoCreateInstance,
CoRegisterMessageFilter, CreateStreamOnHGlobal, OleDestroyMenuDescriptor,
OleCreateMenuDescriptor, IsAccelerator, OleIsCurrentClipboard,
OleTranslateAccelerator, CoRevokeClassObject, OleFlushClipboard,
CreateILockBytesOnHGlobal
> oleaut32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
> oledlg.dll: OleUIBusyW
> shell32.dll: ShellExecuteW, ExtractIconW, DragQueryFileW, DragFinish,
SHGetFileInfoW, SHCreateDirectoryExW, DragAcceptFiles,
SHGetSpecialFolderPathW, SHGetFolderPathW
> shlwapi.dll: PathStripToRootW, PathIsUNCW, PathFindFileNameW,
PathFindExtensionW, PathRemoveFileSpecW, UrlCreateFromPathW, PathAppendW,
UrlCompareW, UrlCanonicalizeW
> user32.dll: CopyAcceleratorTableW, InvalidateRgn, LockWindowUpdate,
PostThreadMessageW, GetNextDlgGroupItem, MessageBeep, DestroyIcon,
SetWindowRgn, CreateMenu, GetTabbedTextExtentA, UnregisterClassW,
DestroyCursor, ShowOwnedPopups, SetWindowContextHelpId,
RegisterClipboardFormatW, PostQuitMessage, GetMessageW, TranslateMessage,
ValidateRect, MapDialogRect, SetParent, GetSystemMenu, WindowFromPoint,
UnionRect, GetMenuItemInfoW, UnpackDDElParam, ReuseDDElParam, DestroyMenu,
InsertMenuItemW, SetRectEmpty, BringWindowToTop, CharUpperW,
GetWindowThreadProcessId, EndPaint, BeginPaint, GetWindowDC, GrayStringW,
DrawTextExW, TabbedTextOutW, ShowWindow, MoveWindow, SetWindowTextW,
IsDialogMessageW, SetDlgItemTextW, SetMenuItemBitmaps,
GetMenuCheckMarkDimensions, ModifyMenuW, EnableMenuItem, CheckMenuItem,
SendDlgItemMessageW, SendDlgItemMessageA, WinHelpW, GetCapture,
SetWindowsHookExW, CallNextHookEx, GetClassNameW, SetPropW, GetPropW,
RemovePropW, GetForegroundWindow, GetLastActivePopup, DispatchMessageW,
GetTopWindow, UnhookWindowsHookEx, GetMessageTime, GetMessagePos,
PeekMessageW, MapWindowPoints, ScrollWindow, TrackPopupMenu, SetMenu,
SetScrollRange, GetScrollRange, ShowScrollBar, MessageBoxW, CreateWindowExW,
GetClassInfoExW, GetClassInfoW, RegisterClassW, AdjustWindowRectEx,
EqualRect, DeferWindowPos, GetScrollInfo, SetScrollInfo, SetWindowPlacement,
GetDlgCtrlID, DefWindowProcW, GetMenu, SetWindowPos, SystemParametersInfoA,
GetWindowPlacement, GetWindowTextLengthW, GetScrollPos, SetScrollPos,
GetWindow, SetFocus, GetActiveWindow, SetActiveWindow,
CreateDialogIndirectParamW, DestroyWindow, IsWindowEnabled,
GetNextDlgTabItem, EndDialog, GetMenuState, GetMenuStringW, GetMenuItemID,
InsertMenuW, RemoveMenu, GetClipboardData, CloseClipboard, SetClipboardData,
EmptyClipboard, OpenClipboard, IsClipboardFormatAvailable, EnableWindow,
LoadBitmapW, SendMessageW, SetTimer, KillTimer, EnumWindows, GetWindowTextW,
SetForegroundWindow, ScreenToClient, EnableScrollBar, GetDlgItem, DrawTextW,
SetCaretPos, CreateCaret, ShowCaret, HideCaret, GetAsyncKeyState, wsprintfA,
UpdateWindow, CharNextW, DrawEdge, InvalidateRect, GetWindowLongW, DrawIcon,
GetSystemMetrics, CallWindowProcW, SetWindowLongW, GetKeyState, GetCursorPos,
IsChild, GetDCEx, GetClassLongW, OffsetRect, ClientToScreen, IsRectEmpty,
GetSysColor, CopyRect, InflateRect, FillRect, DrawFocusRect, FrameRect,
GetParent, GetClientRect, PtInRect, GetDC, ReleaseDC, LoadIconW, LoadImageW,
LoadCursorW, SetCursor, GetSubMenu, DeleteMenu, SystemParametersInfoW,
GetWindowRect, GetDesktopWindow, IntersectRect, IsIconic, IsZoomed,
IsWindowVisible, LoadMenuW, CreatePopupMenu, AppendMenuW, GetMenuItemCount,
GetFocus, PostMessageW, LoadAcceleratorsW, IsWindow, SetCapture,
ReleaseCapture, SetRect, TranslateAcceleratorW, wsprintfW, RedrawWindow,
GetSysColorBrush, BeginDeferWindowPos, EndDeferWindowPos,
RegisterWindowMessageW
> version.dll: GetFileVersionInfoW, GetFileVersionInfoA,
GetFileVersionInfoSizeA, VerQueryValueA
> winspool.drv: ClosePrinter, DocumentPropertiesW, OpenPrinterW, GetJobW
> wintrust.dll: WinVerifyTrust
( 0 exports )
TrID : File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Symantec reputation: Suspicious.Insight
http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-055099
ssdeep: 24576:oDm95++zV5JscqmpF/6KzVdlnPtE7FBMRbmIKeN24p7:HbXrfVdlnPu7FBMRiLk77
sigcheck:
publisher....: Adersoft
copyright....: Copyright Adersoft (C) 2001-2010
product......: Adersoft HtaEdit
description..: .hta files editor
original name: htaedit.exe
internal name: htaedit
file version.: 3, 2, 1, 0
comments.....: .hta files editor
signers......: Adersoft
               UTN-USERFirst-Object
signing date.: 11:54 AM 4/23/2010
verified.....:
PEiD : -
RDS : NSRL Reference Data Set
-
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no
guarantees about the availability and continuity of this service. Although the detection rate
afforded by the use of multiple antivirus engines is far superior to that offered by just one
product, these results DO NOT guarantee the harmlessness of a file. Currently, there is
not any solution that offers a 100% effectiveness rate for detecting viruses and malware.