At virustotal.com I get the following report for the file:
File foufoulihy.exe received on 2009.08.22 22:11:36 (UTC)
Antivirus Version Last update Result
a-squared 4.5.0.24 2009.08.22 Backdoor.Win32.Oderoor!IK
AhnLab-V3 5.0.0.2 2009.08.21 -
AntiVir 7.9.1.3 2009.08.21 TR/Crypt.ZPACK.Gen
Antiy-AVL 2.0.3.7 2009.08.21 -
Authentium 5.1.2.4 2009.08.22 -
Avast 4.8.1335.0 2009.08.22 -
AVG 8.5.0.406 2009.08.22 Generic14.ABBM
BitDefender 7.2 2009.08.22 -
CAT-QuickHeal 10.00 2009.08.22 -
ClamAV 0.94.1 2009.08.22 -
Comodo 2062 2009.08.23 -
DrWeb 5.0.0.12182 2009.08.22 -
eSafe 7.0.17.0 2009.08.20 -
eTrust-Vet 31.6.6694 2009.08.21 -
F-Prot 4.4.4.56 2009.08.22 -
F-Secure 8.0.14470.0 2009.08.21 -
Fortinet 3.120.0.0 2009.08.22 W32/Agent.JVX!tr
GData 19 2009.08.22 -
Ikarus T3.1.1.68.0 2009.08.22 Backdoor.Win32.Oderoor
Jiangmin 11.0.800 2009.08.21 -
K7AntiVirus 7.10.825 2009.08.22 -
Kaspersky 7.0.0.125 2009.08.22 -
McAfee 5717 2009.08.22 -
McAfee+Artemis 5717 2009.08.22 Artemis!D7BAAD93AC8E
McAfee-GW-Edition 6.8.5 2009.08.22 Trojan.Crypt.ZPACK.Gen
Microsoft 1.4903 2009.08.22 Backdoor:Win32/Oderoor.gen!H
NOD32 4359 2009.08.22 a variant of Win32/Kryptik.QI
Norman 6.01.09 2009.08.21 Inject.GDS
nProtect 2009.1.8.0 2009.08.22 -
Panda 10.0.0.14 2009.08.22 Trj/CI.A
PCTools 4.4.2.0 2009.08.22 -
Prevx 3.0 2009.08.23 Medium Risk Malware
Rising 21.43.50.00 2009.08.22 -
Sophos 4.44.0 2009.08.22 Troj/Agent-JVX
Sunbelt 3.2.1858.2 2009.08.22 -
Symantec 1.4.4.12 2009.08.22 -
TheHacker 6.3.4.3.386 2009.08.22 -
TrendMicro 8.950.0.1094 2009.08.22 -
VBA32 3.12.10.9 2009.08.22 -
ViRobot 2009.8.22.1897 2009.08.22 -
VirusBuster 4.6.5.0 2009.08.22 -
Additional information
File size: 282624 bytes
MD5...: d7baad93ac8e75fa1ac0b31dea5cfb90
SHA1..: 3a5df956586102358d3a39bf88ad52e34a235496
SHA256: 27a363af8dd0495daef5cde677400261b5f495733afe0307c282e2ac2f9553b4
ssdeep: 6144:zT/OcGDjHwqIPQx4dTfLvxlCLLcTqJ6K3l0Mc70mjNw+PnJ:PlGDhIjdX3ccTqJ6y0H70mBPn
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4508c
timedatestamp.....: 0x4a8c68c5 (Wed Aug 19 21:04:05 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x44514 0x44600 6.84 aeac8029b4e1891a2a142b15650fdba7
.rdata 0x46000 0x35a 0x400 4.50 9606b381365fa944dcb3ba132113a76c
.data 0x47000 0x446 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0x48000 0x10 0x200 0.00 bf619eac0cdf3f68d496ea9344137e8b

( 2 imports )
> kernel32.dll: CompareStringA, CreateProcessA, CreateThread, GetComputerNameA, GetCurrentProcess, GetDateFormatA, GetFileSize, GlobalUnlock, IsBadCodePtr, LoadLibraryA, LocalFree, LocalSize, MapViewOfFile, SetLastError, Sleep, WaitForSingleObject, WideCharToMultiByte, lstrcpynA, lstrlenA
> user32.dll: CreateWindowExW, DestroyIcon, EndPaint, FindWindowW, GetClientRect, IsChild, IsZoomed, RegisterClassW, RegisterHotKey, RemovePropW, SetMenuDefaultItem, SetScrollPos, UnionRect

( 0 exports )
PDFiD.: -
RDS...: NSRL Reference Data Set
-
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=1B60DA9700F4C70050C704D3210A0700D3321179