10-11-2008, 08:07 PM   #9
hasankanjee
Registered User
 
Join Date: Oct 2008
Posts: 7
OS: Windows XP Professional


Re: b.exe malware bug

Hello,

Here are the Results:

Antivirus          Version          Last Update  Result
AhnLab-V3          2008.10.10.1     2008.10.10   Win32/Sambud.worm.3852143
AntiVir            7.8.1.34         2008.10.11   Worm/Sambud.AC
Authentium         5.1.0.4          2008.10.11   -
Avast              4.8.1248.0       2008.10.11   Win32:Trojan-gen {Other}
AVG                8.0.0.161        2008.10.11   -
BitDefender        7.2              2008.10.12   Worm.Generic.26583
CAT-QuickHeal      9.50             2008.10.11   I-Worm.Sambud.ac
ClamAV             0.93.1           2008.10.11   -
DrWeb              4.44.0.09170     2008.10.12   -
eSafe              7.0.17.0         2008.10.08   P2P-Win32.Sambud.ac
eTrust-Vet         31.6.6141        2008.10.10   -
Ewido              4.0              2008.10.11   Worm.Sambud.ac
F-Prot             4.4.4.56         2008.10.11   -
F-Secure           8.0.14332.0      2008.10.12   P2P-Worm.Win32.Sambud.ac
Fortinet           3.113.0.0        2008.10.11   -
GData              19               2008.10.12   Worm.Generic.26583
Ikarus             T3.1.1.34.0      2008.10.11   P2P-Worm.Win32.Sambud.ac
K7AntiVirus        7.10.491         2008.10.11   P2P-Worm.Win32.Sambud.ac
Kaspersky          7.0.0.125        2008.10.12   P2P-Worm.Win32.Sambud.ac
McAfee             5403             2008.10.11   -
Microsoft          1.4005           2008.10.12   -
NOD32              3515             2008.10.11   -
Norman             5.80.02          2008.10.10   -
Panda              9.0.0.4          2008.10.11   -
PCTools            4.4.2.0          2008.10.11   -
Prevx1             V2               2008.10.12   Worm
Rising             20.65.42.00      2008.10.10   -
SecureWeb-Gateway  6.7.6            2008.10.11   Worm.Sambud.AC
Sophos             4.34.0           2008.10.11   -
Sunbelt            3.1.1715.1       2008.10.11   P2P-Worm.Win32.Sambud.ac
Symantec           10               2008.10.12   -
TheHacker          6.3.1.0.108      2008.10.11   -
TrendMicro         8.700.0.1004     2008.10.10   -
VBA32              3.12.8.6         2008.10.12   P2P-Worm.Win32.Sambud.ac
ViRobot            2008.10.10.1416  2008.10.10   -
VirusBuster        4.5.11.0         2008.10.11   -

Additional information
File size: 3852143 bytes
MD5...: 7d3c351e9e60be32840c82bd0a7c7e44
SHA1..: f6f11bfcf4110f107cac51fde0b86d9967d81184
SHA256: ce525f0a76f03c74c321754f79dbd404e61aa110d93223388928cabf1cfbec71
SHA512: 8cdf05848df90951b6e88318b07e9848982810af767050ea1ab9debe649edec122fbaa3c28aac4c8c635db2e62932894326c5aa409ef0138e273b6888ccd8593
PEiD..: -
TrID..: File type identification
Win32 EXE PECompact compressed (generic) (65.1%)
Win32 Executable Generic (13.3%)
Win32 Dynamic Link Library (generic) (11.8%)
Win16/32 Executable Delphi generic (3.2%)
Generic Win/DOS Executable (3.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x47b7ac
timedatestamp.....: 0x47bf291f (Fri Feb 22 19:57:19 2008)
machinetype.......: 0x14c (I386)

( 8 sections )
name    viradd   virsiz    rawdsiz   ntrpy  md5
.text   0x1000   0x79d58   0x79e00   6.53   e9e02a25ffca87f7ecf1ace2ecfec733
.itext  0x7b000  0x7f8     0x800     6.26   d9b3af541ee7ca2fd8bd3e7698d62de9
.data   0x7c000  0x1fbc    0x2000    3.78   8245c436718ca5be0b96ea0069fef274
.bss    0x7e000  0x4e20    0x0       0.00   d41d8cd98f00b204e9800998ecf8427e
.idata  0x83000  0x2bb6    0x2c00    5.08   cfeffcb426956ebfce5a2205a5de6c41
.reloc  0x86000  0x8948    0x8a00    6.66   ec16237362b6ef817ebca0c8bf087304
.rsrc   0x8f000  0x7a00    0x7a00    4.91   db9730e7cb90e3f1dd2ac7e6fdf18925
.debug  0x97000  0x31cd6f  0x31cd6f  5.03   2a8019268c319841b56f77370f74a666

( 17 imports )
> oleaut32.dll: SysFreeString, SysReAllocStringLen, SysAllocStringLen
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> user32.dll: GetKeyboardType, DestroyWindow, LoadStringA, MessageBoxA, CharNextA
> kernel32.dll: GetACP, Sleep, VirtualFree, VirtualAlloc, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, ExitThread, CreateThread, CompareStringA, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
> kernel32.dll: TlsSetValue, TlsGetValue, TlsFree, TlsAlloc, LocalFree, LocalAlloc
> user32.dll: CreateWindowExA, WindowFromPoint, WaitMessage, UpdateWindow, UnregisterClassA, UnhookWindowsHookEx, TranslateMessage, TranslateMDISysAccel, TrackPopupMenu, SystemParametersInfoA, ShowWindow, ShowScrollBar, ShowOwnedPopups, SetWindowsHookExA, SetWindowTextA, SetWindowPos, SetWindowPlacement, SetWindowLongW, SetWindowLongA, SetTimer, SetScrollRange, SetScrollPos, SetScrollInfo, SetRect, SetPropA, SetParent, SetMenuItemInfoA, SetMenu, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetClassLongA, SetCapture, SetActiveWindow, SendMessageW, SendMessageA, ScrollWindow, ScreenToClient, RemovePropA, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageA, RegisterClipboardFormatA, RegisterClassA, RedrawWindow, PtInRect, PostQuitMessage, PostMessageA, PeekMessageW, PeekMessageA, OpenClipboard, OffsetRect, OemToCharA, MsgWaitForMultipleObjectsEx, MsgWaitForMultipleObjects, MessageBoxA, MessageBeep, MapWindowPoints, MapVirtualKeyA, LoadStringA, LoadKeyboardLayoutA, LoadIconA, LoadCursorA, LoadBitmapA, KillTimer, IsZoomed, IsWindowVisible, IsWindowUnicode, IsWindowEnabled, IsWindow, IsRectEmpty, IsIconic, IsDialogMessageW, IsDialogMessageA, IsChild, InvalidateRect, IntersectRect, InsertMenuItemA, InsertMenuA, InflateRect, GetWindowThreadProcessId, GetWindowTextA, GetWindowRect, GetWindowPlacement, GetWindowLongW, GetWindowLongA, GetWindowDC, GetTopWindow, GetSystemMetrics, GetSystemMenu, GetSysColorBrush, GetSysColor, GetSubMenu, GetScrollRange, GetScrollPos, GetScrollInfo, GetPropA, GetParent, GetWindow, GetMessagePos, GetMenuStringA, GetMenuState, GetMenuItemInfoA, GetMenuItemID, GetMenuItemCount, GetMenu, GetLastActivePopup, GetKeyboardState, GetKeyboardLayoutNameA, GetKeyboardLayoutList, GetKeyboardLayout, GetKeyState, GetKeyNameTextA, GetIconInfo, GetForegroundWindow, GetFocus, GetDlgItem, GetDesktopWindow, GetDCEx, GetDC, GetCursorPos, GetCursor, GetClipboardData, GetClientRect, GetClassLongA, GetClassInfoA, GetCapture, GetActiveWindow, 
FrameRect, FindWindowExA, FindWindowA, FillRect, EqualRect, EnumWindows, EnumThreadWindows, EnumChildWindows, EndPaint, EnableWindow, EnableScrollBar, EnableMenuItem, EmptyClipboard, DrawTextA, DrawMenuBar, DrawIconEx, DrawIcon, DrawFrameControl, DrawFocusRect, DrawEdge, DispatchMessageW, DispatchMessageA, DestroyWindow, DestroyMenu, DestroyIcon, DestroyCursor, DeleteMenu, DefWindowProcA, DefMDIChildProcA, DefFrameProcA, CreatePopupMenu, CreateMenu, CreateIcon, CloseClipboard, ClientToScreen, CheckMenuItem, CallWindowProcA, CallNextHookEx, BeginPaint, CharNextA, CharLowerBuffA, CharLowerA, CharUpperBuffA, CharToOemA, AdjustWindowRectEx, ActivateKeyboardLayout
> gdi32.dll: UnrealizeObject, StretchBlt, SetWindowOrgEx, SetWinMetaFileBits, SetViewportOrgEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SelectPalette, SelectObject, SaveDC, RestoreDC, Rectangle, RectVisible, RealizePalette, Polyline, PlayEnhMetaFile, PatBlt, MoveToEx, MaskBlt, LineTo, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetTextMetricsA, GetTextExtentPointA, GetTextExtentPoint32A, GetSystemPaletteEntries, GetStockObject, GetRgnBox, GetPixel, GetPaletteEntries, GetObjectA, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetClipBox, GetBrushOrgEx, GetBitmapBits, ExtTextOutA, ExcludeClipRect, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreatePenIndirect, CreatePalette, CreateHalftonePalette, CreateFontIndirectA, CreateDIBitmap, CreateDIBSection, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, BitBlt
> version.dll: VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA
> kernel32.dll: lstrcpyA, lstrcmpA, WriteFile, WaitForSingleObject, WaitForMultipleObjectsEx, VirtualQuery, VirtualAlloc, UnmapViewOfFile, SizeofResource, SetThreadPriority, SetThreadLocale, SetFilePointer, SetEvent, SetErrorMode, SetEndOfFile, ResumeThread, ResetEvent, ReleaseSemaphore, ReadFile, OutputDebugStringA, OpenFileMappingA, MulDiv, MapViewOfFile, LockResource, LoadResource, LoadLibraryA, LeaveCriticalSection, IsBadWritePtr, IsBadReadPtr, InitializeCriticalSection, GlobalUnlock, GlobalLock, GlobalFree, GlobalFindAtomA, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetVersionExA, GetVersion, GetTickCount, GetThreadLocale, GetStdHandle, GetProcessAffinityMask, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameA, GetExitCodeThread, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCurrentProcessId, GetCurrentProcess, GetCPInfo, FreeResource, InterlockedIncrement, InterlockedExchange, InterlockedDecrement, FreeLibraryAndExitThread, FreeLibrary, FormatMessageA, FindResourceA, EnumCalendarInfoA, EnterCriticalSection, DeleteFileA, DeleteCriticalSection, CreateThread, CreateSemaphoreA, CreateFileA, CreateEventA, CompareStringA, CloseHandle
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegFlushKey, RegCloseKey
> IMAGEHLP.DLL: SymGetSymFromName
> kernel32.dll: Sleep
> ole32.dll: CLSIDFromString
> ole32.dll: CoTaskMemFree, CoTaskMemAlloc, CoCreateInstance
> oleaut32.dll: SafeArrayPtrOfIndex, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayCreate, VariantChangeType, VariantCopy, VariantClear, VariantInit
> comctl32.dll: _TrackMouseEvent, ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_Remove, ImageList_DrawEx, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_Add, ImageList_SetImageCount, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create, InitCommonControls
> comdlg32.dll: GetSaveFileNameA, GetOpenFileNameA

Thanks