2006-08-16 00:40:48
97e58f60d513fd55ab0fcf0d63373be5
| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x0000a8b0 | 0x0000b000 | 5.36983605609 |
| .data | 0x0000c000 | 0x000014e0 | 0x00001000 | 0.0 |
| .rsrc | 0x0000e000 | 0x0000d9fc | 0x0000d9fc | 2.86196812302 |
| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_ICON | 0x0000e2e0 | 0x00001ca8 | LANG_NEUTRAL | SUBLANG_NEUTRAL | Device independent bitmap graphic, 48 x 96 x 24, image size 7296 |
| RT_GROUP_ICON | 0x0000e2cc | 0x00000014 | LANG_NEUTRAL | SUBLANG_NEUTRAL | data |
| RT_VERSION | 0x0000e0f0 | 0x000001dc | LANG_ENGLISH | SUBLANG_ENGLISH_US | data |
| Antivirus | Signature |
|---|---|
| Bkav | W32.AIDetectMalware |
| Lionic | Clean |
| Elastic | malicious (high confidence) |
| ClamAV | Win.Worm.Sality-6823315-0 |
| CMC | Clean |
| CAT-QuickHeal | Worm.Codungi.A6 |
| Skyhigh | BehavesLike.Win32.Generic.kt |
| ALYac | Gen:Variant.Graftor.27488 |
| Cylance | Unsafe |
| Zillya | Clean |
| Sangfor | Trojan.Win32.Save.a |
| CrowdStrike | win/malicious_confidence_100% (D) |
| Alibaba | Worm:Win32/YahLover.f0f3c42d |
| K7GW | Clean |
| K7AntiVirus | Clean |
| huorong | TrojanDropper/Agent.fr |
| Baidu | Win32.Trojan-Downloader.VB.b |
| VirIT | Trojan.Win32.Citem.AKJ |
| Paloalto | Clean |
| Symantec | Trojan.Gen.MBT |
| tehtris | Clean |
| ESET-NOD32 | a variant of Win32/VB.OPS |
| APEX | Malicious |
| Avast | Win32:VB-GNM [Wrm] |
| Cynet | Malicious (score: 100) |
| Kaspersky | HEUR:Trojan.Win32.Generic |
| BitDefender | Gen:Variant.Graftor.27488 |
| NANO-Antivirus | Virus.Win32.Gen.ccmw |
| ViRobot | Trojan.Win32.Agent.975360 |
| MicroWorld-eScan | Gen:Variant.Graftor.27488 |
| Tencent | Trojan.Win32.VB.tpa |
| Sophos | Mal/Generic-S |
| F-Secure | Clean |
| DrWeb | Worm.Siggen.6336 |
| VIPRE | Gen:Variant.Graftor.27488 |
| TrendMicro | WORM_IMAUT.SME |
| McAfeeD | Clean |
| Trapmine | malicious.high.ml.score |
| CTX | exe.unknown.graftor |
| Emsisoft | Gen:Variant.Graftor.27488 (B) |
| Ikarus | IM-Worm.Win32.VB |
| FireEye | Generic.mg.39d244873d52a06b |
| Jiangmin | Trojan.Generic.kkjm |
| Webroot | Clean |
| Varist | W32/A-9d091a78!Eldorado |
| Avira | Clean |
| Fortinet | W32/Generic.WBNA!tr |
| Antiy-AVL | Trojan/Win32.VB |
| Kingsoft | Win32.Troj.Agent.cks |
| Gridinsoft | Trojan.Win32.Wacatac.dd!n |
| Xcitium | TrojWare.Win32.VB.IOK@54rlsj |
| Arcabit | Trojan.Graftor.D6B60 |
| SUPERAntiSpyware | Clean |
| Microsoft | Trojan:Win32/Vindor!pz |
| Detected | |
| AhnLab-V3 | Clean |
| Acronis | Clean |
| McAfee | W32/YahLover.worm.aa |
| TACHYON | Clean |
| VBA32 | Clean |
| Malwarebytes | Generic.Malware.AI.DDS |
| Panda | Generic Malware |
| Zoner | Probably Heur.ExeHeaderL |
| TrendMicro-HouseCall | WORM_IMAUT.SME |
| Rising | Worm.VB!1.B58C (CLASSIC) |
| Yandex | Trojan.GenAsa!ZvQRCbQAx6I |
| SentinelOne | Static AI - Malicious PE |
| MaxSecure | Trojan.Malware.7164915.susgen |
| GData | Gen:Variant.Graftor.27488 |
| AVG | Win32:VB-GNM [Wrm] |
| DeepInstinct | MALICIOUS |
| alibabacloud | Trojan[dropper]:Win/VB.OCU |
| IRMA | Signature |
|---|---|
| ESET Security (Windows) | a variant of Win32/VB.OPS worm |
| Avast Core Security (Linux) | Win32:VB-GNM [Wrm] |
| C4S ClamAV (Linux) | Win.Worm.Sality-6823315-0 |
| F-Secure Antivirus (Linux) | Clean |
| McAfee CLI scanner (Linux) | W32/YahLover.worm.aa virus |
| Bitdefender Antivirus (Linux) | Gen:Variant.Graftor.27488 |
| G Data Antivirus (Windows) | Virus: Gen:Variant.Graftor.27488 (Engine A) |
| Sophos Anti-Virus (Linux) | Mal/Generic-S |
| DrWeb Antivirus (Linux) | Worm.Siggen.6336 |
| Trend Micro SProtect (Linux) | WORM_IMAUT.SME |
| ClamAV (Linux) | Win.Worm.Sality-6823315-0 |
| eScan Antivirus (Linux) | Gen:Variant.Graftor.27488(DB) |
| Kaspersky Standard (Windows) | HEUR:Trojan.Win32.Generic |
| Emsisoft Commandline Scanner (Windows) | Gen:Variant.Graftor.27488 (B) |