0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware.
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: HPZipm12L.dllSubmission date: 2011-04-01 12:52:03 (UTC)Current status:
finishedResult:
8/
42 (19.0%) |
VT Community
not reviewed Safety score: - |
Antivirus | Version | Last Update | Result |
---|---|---|---|
AhnLab-V3 | 2011.04.01.01 | 2011.04.01 | - |
AntiVir | 7.11.5.161 | 2011.04.01 | - |
Antiy-AVL | 2.0.3.7 | 2011.03.31 | - |
Avast | 4.8.1351.0 | 2011.04.01 | Win32:Malware-gen |
Avast5 | 5.0.677.0 | 2011.04.01 | Win32:Malware-gen |
AVG | 10.0.0.1190 | 2011.04.01 | Generic21.AYHF |
BitDefender | 7.2 | 2011.04.01 | Gen:Variant.Vundo.4 |
CAT-QuickHeal | 11.00 | 2011.04.01 | - |
ClamAV | 0.97.0.0 | 2011.04.01 | - |
Commtouch | 5.2.11.5 | 2011.03.24 | - |
Comodo | 8183 | 2011.04.01 | - |
DrWeb | 5.0.2.03300 | 2011.04.01 | - |
Emsisoft | 5.1.0.5 | 2011.04.01 | Gen.Variant.Vundo!IK |
eSafe | 7.0.17.0 | 2011.04.01 | - |
eTrust-Vet | 36.1.8247 | 2011.04.01 | - |
F-Prot | 4.6.2.117 | 2011.04.01 | - |
F-Secure | 9.0.16440.0 | 2011.03.23 | Gen:Variant.Vundo.4 |
Fortinet | 4.2.254.0 | 2011.04.01 | - |
GData | 22 | 2011.04.01 | Gen:Variant.Vundo.4 |
Ikarus | T3.1.1.103.0 | 2011.04.01 | Gen.Variant.Vundo |
Jiangmin | 13.0.900 | 2011.03.31 | - |
K7AntiVirus | 9.96.4269 | 2011.04.01 | - |
Kaspersky | 7.0.0.125 | 2011.04.01 | - |
McAfee | 5.400.0.1158 | 2011.04.01 | - |
McAfee-GW-Edition | 2010.1C | 2011.04.01 | - |
Microsoft | 1.6702 | 2011.04.01 | - |
NOD32 | 6005 | 2011.04.01 | - |
Norman | 6.07.03 | 2011.04.01 | - |
Panda | 10.0.3.5 | 2011.03.31 | - |
PCTools | 7.0.3.5 | 2011.04.01 | - |
Prevx | 3.0 | 2011.04.01 | - |
Rising | 23.51.03.06 | 2011.03.31 | - |
Sophos | 4.64.0 | 2011.04.01 | - |
SUPERAntiSpyware | 4.40.0.1006 | 2011.04.01 | - |
Symantec | 20101.3.2.89 | 2011.04.01 | - |
TheHacker | 6.7.0.1.164 | 2011.04.01 | - |
TrendMicro | 9.200.0.1012 | 2011.04.01 | - |
TrendMicro-HouseCall | 9.200.0.1012 | 2011.04.01 | - |
VBA32 | 3.12.14.3 | 2011.03.31 | - |
VIPRE | 8885 | 2011.04.01 | - |
ViRobot | 2011.4.1.4388 | 2011.04.01 | - |
VirusBuster | 13.6.280.0 | 2011.03.31 | - |
Additional information
|
---|
MD5 : ced3103e366d2eeac145639b080b3426 |
SHA1 : 77881085585c7ae773814c8f5d9083ed9ac466a5 |
SHA256: 675af79b0fe81efd43a36fa02469767bfe01107c6240eb05e01c15c572b5c587 |
ssdeep: 1536:9LRSYDJELTyDFuCsgfpM9UeZ0CfW3g3KEQBom6gbV/wAYQTQMxuWp:PSYDyv63lpM9R0Cf VQBoVgbV/VYjDc |
File size : 118784 bytes |
First seen: 2011-04-01 12:52:03 |
Last seen : 2011-04-01 12:52:03 |
TrID: Win32 Executable MS Visual C++ (generic) (65.2%) Win32 Executable Generic (14.7%) Win32 Dynamic Link Library (generic) (13.1%) Generic Win/DOS Executable (3.4%) DOS Executable Generic (3.4%) |
sigcheck: publisher....: Seswrqkme Irshxagykay copyright....: (c) Nzpmhmaky Bksrynteigs. All rights reserved. product......: Internet Information Services description..: Xaoatxjyx IIS Plugin DLL original name: IISLOG.DLL internal name: IISLOG.DLL file version.: 6.0.3790.3959 (srv03_sp2_rtm.070216-1710) comments.....: n/a signers......: - signing date.: - verified.....: Unsigned |
PEiD: Armadillo v1.xx - v2.xx |
PEInfo: PE structure information [[ basic data ]] entrypointaddress: 0x9B8A timedatestamp....: 0x47F7E871 (Sat Apr 05 21:00:33 2008) machinetype......: 0x14c (I386) [[ 5 section(s) ]] name, viradd, virsiz, rawdsiz, ntropy, md5 .text, 0x1000, 0xBC1E, 0xC000, 6.50, 2f9dd14f76499758023a1ab5b69a9d2a .rdata, 0xD000, 0x10AC, 0x2000, 3.40, c0d1c90d8949f1d6152729904f516dfc .data, 0xF000, 0x13F84, 0xC000, 4.36, ecc0317f6703c98b55a7c58d2819a519 .rsrc, 0x23000, 0x698, 0x1000, 1.71, 57371fdefdcfc6397a4120ee244f7216 .reloc, 0x24000, 0xE20, 0x1000, 5.70, 94fa5d5f878f59389d9c9da6642a0e85 [[ 5 import(s) ]] KERNEL32.dll: GetCurrentProcess, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, OutputDebugStringA, GetVersion, GetFileAttributesW, GetProcAddress, GetModuleHandleA, LoadLibraryA, CloseHandle, GetStringTypeA, LCMapStringW, LCMapStringA, MultiByteToWideChar, GetOEMCP, GetACP, GetCPInfo, SetUnhandledExceptionFilter, GetEnvironmentStringsW, GetEnvironmentStrings, WideCharToMultiByte, FreeEnvironmentStringsW, FreeEnvironmentStringsA, GetStartupInfoA, GetFileType, GetStdHandle, SetHandleCount, ExitProcess, HeapReAlloc, VirtualFree, HeapCreate, HeapDestroy, GetVersionExA, GetEnvironmentVariableA, GetModuleFileNameA, RtlUnwind, HeapFree, HeapAlloc, UnhandledExceptionFilter, TerminateProcess, VirtualAlloc, GetProcessHeap, GetThreadLocale, GetStringTypeW, SetThreadLocale, ExpandEnvironmentStringsW, CreateThread, FormatMessageW, SetProcessWorkingSetSize, WaitForSingleObject, SetEvent, lstrcmpA, LocalAlloc, LocalFree, GetCommandLineA, WriteFile, VirtualProtect USER32.dll: GetSystemMetrics, SetCursor, GetParent, SetWindowTextW, GetDC, ReleaseDC, ShowWindow, SetWindowLongW, LoadCursorW, PostMessageW, GetScrollInfo, SetScrollInfo, MapWindowPoints, CreateWindowExW, DispatchMessageW, IsWindowVisible, IsWindowEnabled, TrackMouseEvent, GetSysColor, CallWindowProcW, GetWindowLongW, EnableWindow, DestroyIcon, FillRect, DrawIconEx, GetFocus, DrawFocusRect, GetDlgItem, SetRect, IsDialogMessageW, GetMessageW, PeekMessageW, TranslateMessage, LoadImageW, SendMessageW, LoadIconW, MoveWindow, GetWindowRect, GetClientRect, ScreenToClient, BeginPaint, EndPaint, InvalidateRect, SetFocus, DestroyWindow, DefWindowProcW, SystemParametersInfoW ADVAPI32.dll: AllocateAndInitializeSid, FreeSid, RegCloseKey, RegEnumKeyExW, CheckTokenMembership GDI32.dll: GetObjectW, SelectObject, CreateFontIndirectW, CreateCompatibleDC, GetDeviceCaps, CreateBitmap, CreateSolidBrush, BitBlt, DeleteObject, DeleteDC, SetTextColor ole32.dll: CoGetObject, CoInitializeEx, CoUninitialize |
ExifTool: file metadata CharacterSet: Unicode CodeSize: 49152 CompanyName: Seswrqkme Irshxagykay EntryPoint: 0x9b8a FileDescription: Xaoatxjyx IIS Plugin DLL FileFlagsMask: 0x003f FileOS: Windows NT 32-bit FileSize: 116 kB FileSubtype: 0 FileType: Win32 DLL FileVersion: 6.0.3790.3959 (srv03_sp2_rtm.070216-1710) FileVersionNumber: 6.0.3790.3959 ImageVersion: 5.1 InitializedDataSize: 98304 InternalName: IISLOG.DLL LanguageCode: English (U.S.) LegalCopyright: Nzpmhmaky Bksrynteigs. All rights reserved. LinkerVersion: 7.1 MIMEType: application/octet-stream MachineType: Intel 386 or later, and compatibles OSVersion: 4.0 ObjectFileType: Dynamic link library OriginalFilename: IISLOG.DLL PEType: PE32 ProductName: Internet Information Services ProductVersion: 6.0.3790.3959 ProductVersionNumber: 6.0.3790.3959 Subsystem: Windows GUI SubsystemVersion: 4.0 TimeStamp: 2008:04:05 23:00:33+02:00 UninitializedDataSize: 0 |
Symantec reputation:Suspicious.Insight |
VT Community
This file has never been reviewed by any VT Community member. Be the first one to comment on it!VirusTotal Team
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
[b]text[/b] -- bold
[i]text[/i] -- italics
[u]text[/u] -- underline
[s]text[/s] -- strikethrough
[code]text[/code] -- preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.