文件 QQ:
2010Beta_VIP.exe 接收于 2010.05.18 13:02:28 (UTC)
当前状态: 正在读取 ... 队列中 等待中 扫描中 完成 未发现 停止
结果: 14/41 (34.15%)
正在读取服务器信息中...
您的文件所排队列位置: 4.
预计开始时间为 63 和 90 秒之间.
扫描完成前请勿关闭窗口.
目前针对您的文件所进行的扫描进程已停止, 我们将会在稍后恢复.
如果您的等候时间超过 5 分钟, 请重新发送文件.
您的文件目前正在被 VirusTotal 扫描中,
结果将会稍后完成时生成.
格式化文本 打印结果 您的文件已过期或不存在.
目前服务已停止, 您的文件将会稍后的未知时间内进行扫描 (位置: ).
您可以继续等待回应 (自动读取) 或者在下面的表单内输入您的电子邮件地址, 并按下 "获取", 当扫描完成时, 系统会自动给您发送电子邮件通知. Email:
反病毒引擎 版本 最后更新 扫描结果
a-squared 4.5.0.50 2010.05.10 Trojan-Downloader.Win32.NSIS!IK
AhnLab-V3 2010.05.18.01 2010.05.18 -
AntiVir 8.2.1.242 2010.05.18 -
Antiy-AVL 2.0.3.7 2010.05.18 -
Authentium 5.2.0.5 2010.05.18 -
Avast 4.8.1351.0 2010.05.18 -
Avast5 5.0.332.0 2010.05.18 -
AVG 9.0.0.787 2010.05.18 -
BitDefender 7.2 2010.05.18 Trojan.Generic.3262850
CAT-QuickHeal 10.00 2010.05.18 -
ClamAV 0.96.0.3-git 2010.05.18 -
Comodo 4872 2010.05.18 -
DrWeb 5.0.2.03300 2010.05.18 -
eSafe 7.0.17.0 2010.05.17 Win32.TrojanHorse
eTrust-Vet 35.2.7496 2010.05.18 -
F-Prot 4.5.1.85 2010.05.18 -
F-Secure 9.0.15370.0 2010.05.18 Trojan.Generic.3262850
Fortinet 4.1.133.0 2010.05.18 -
GData 21 2010.05.18 Trojan.Generic.3262850
Ikarus T3.1.1.84.0 2010.05.18 Trojan-Downloader.Win32.NSIS
Jiangmin 13.0.900 2010.05.18 -
Kaspersky 7.0.0.125 2010.05.18 -
McAfee 5.400.0.1158 2010.05.18 -
McAfee-GW-Edition 2010.1 2010.05.18 Artemis!C677B8CF13DC
Microsoft 1.5802 2010.05.18 -
NOD32 5124 2010.05.18 probably a variant of Win32/HackTool.Patcher.A
Norman 6.04.12 2010.05.18 -
nProtect 2010-05-18.01 2010.05.18 -
Panda 10.0.2.7 2010.05.17 Trj/CI.A
PCTools 7.0.3.5 2010.05.18 Voronezh.1600.A
Prevx 3.0 2010.05.18 -
Rising 22.48.01.02 2010.05.18 -
Sophos 4.53.0 2010.05.18 Troj/QPatch-A
Sunbelt 6317 2010.05.18 Trojan.Win32.Generic!BT
Symantec 20101.1.0.89 2010.05.18 -
TheHacker 6.5.2.0.281 2010.05.17 -
TrendMicro 9.120.0.1004 2010.05.18 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.05.18 -
VBA32 3.12.12.5 2010.05.18 -
ViRobot 2010.5.18.2322 2010.05.18 -
VirusBuster 5.0.27.0 2010.05.18 HackTool.Patcher.IF
附加信息
File size: 102585 bytes
MD5...: c677b8cf13dc15006f2f464569170a0a
SHA1..: 5a70087580df5c48c8126d0fe1bb267f14d185cb
SHA256: e217a85f964d8b642d419541d3e638fb2157055cd8027dc78a76c27320c3016a
ssdeep: 1536:qgp2ZUpdi1t0ebAYiAGoFowxRHd1LsVZUMZ5wybOcH2EPBjhJ1E5Jg/po6v
IyVcY:qgQWi1lDiABHTeZUX+BHlPB31E6x
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x343d0
timedatestamp.....: 0x4a3ab2a7 (Thu Jun 18 21:33:27 2009)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x2f000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x30000 0x5000 0x4600 7.87 1892037adf9a1986d9aa99db21ad7eec
.rsrc 0x35000 0x5000 0x4a00 4.87 a9064e9736937c3e7d4912909ffb0087
( 8 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> ADVAPI32.dll: RegEnumKeyA
> COMCTL32.dll: -
> GDI32.dll: SetBkMode
> ole32.dll: CoTaskMemFree
> SHELL32.dll: ShellExecuteA
> USER32.dll: GetDC
> VERSION.dll: VerQueryValueA
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
Symantec Reputation Network: Suspicious.Insight http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx?md5=c677b8cf13dc15006f2f464569170a0a' target='_blank'>http://www.threatexpert.com/report.aspx?md5=c677b8cf13dc15006f2f464569170a0a</a>
packers (Kaspersky): PE_Patch.UPX, UPX, UPX
packers (F-Prot): NSIS, UPX
sigcheck:
publisher....: _____
copyright....: ____ (C) _____
product......: QQ:
2010_____ v1.90
description..: QQ:
2010_____ v1.90
original name: n/a
internal name: n/a
file version.: 1.9.0.0201
comments.....: QQ:
2010_____
signers......: -
signing date.: -
verified.....: Unsigned