Scan results for the file (adobe_flash.exe) that the site tries to make visitors download when they access it
File adobe_flash_1_.exe received on 2008.08.10 12:03:01 (CET)
Antivirus | Version | Last update | Result |
AhnLab-V3 | 2008.8.9.0 | 2008.08.08 | - |
AntiVir | 7.8.1.19 | 2008.08.09 | TR/Crypt.XPACK.Gen |
Authentium | 5.1.0.4 | 2008.08.10 | - |
Avast | 4.8.1195.0 | 2008.08.09 | - |
AVG | 8.0.0.156 | 2008.08.09 | I-Worm/Nuwar.V |
BitDefender | 7.2 | 2008.08.10 | Trojan.Downloader.Exchanger.Gen.2 |
CAT-QuickHeal | 9.50 | 2008.08.08 | (Suspicious) - DNAScan |
ClamAV | 0.93.1 | 2008.08.10 | Trojan.Downloader.Exchanger-14 |
DrWeb | 4.44.0.09170 | 2008.08.09 | Trojan.DownLoad.3248 |
eSafe | 7.0.17.0 | 2008.08.07 | Suspicious File |
eTrust-Vet | 31.6.6019 | 2008.08.08 | - |
Ewido | 4.0 | 2008.08.10 | - |
F-Prot | 4.4.4.56 | 2008.08.10 | - |
F-Secure | 7.60.13501.0 | 2008.08.10 | Trojan-Downloader:W32/Exchanger.AI |
Fortinet | 3.14.0.0 | 2008.08.10 | W32/Agent.XPA!tr |
GData | 2.0.7306.1023 | 2008.08.10 | Trojan-Downloader.Win32.Exchanger.lj |
Ikarus | T3.1.1.34.0 | 2008.08.10 | Win32.SuspectCrc |
K7AntiVirus | 7.10.408 | 2008.08.09 | - |
Kaspersky | 7.0.0.125 | 2008.08.10 | Trojan-Downloader.Win32.Exchanger.lj |
McAfee | 5357 | 2008.08.08 | - |
Microsoft | 1.3807 | 2008.08.10 | Trojan:Win32/Tibs.gen!K |
NOD32v2 | 3343 | 2008.08.10 | a variant of Win32/Agent.ETH |
Norman | 5.80.02 | 2008.08.08 | - |
Panda | 9.0.0.4 | 2008.08.10 | - |
PCTools | 4.4.2.0 | 2008.08.09 | - |
Prevx1 | V2 | 2008.08.10 | Malware Dropper |
Rising | 20.56.41.00 | 2008.08.08 | - |
Sophos | 4.32.0 | 2008.08.10 | Mal/EncPk-DA |
Sunbelt | 3.1.1538.1 | 2008.08.09 | - |
Symantec | 10 | 2008.08.10 | Downloader |
TheHacker | 6.2.96.395 | 2008.08.08 | - |
TrendMicro | 8.700.0.1004 | 2008.08.08 | - |
VBA32 | 3.12.8.3 | 2008.08.09 | - |
ViRobot | 2008.8.8.1329 | 2008.08.08 | - |
VirusBuster | 4.5.11.0 | 2008.08.09 | - |
Webwasher-Gateway | 6.6.2 | 2008.08.10 | Trojan.Crypt.XPACK.Gen |
Additional information
File size: 78848 bytes
MD5...: 0e41b670cbccce9051fb8d1188aebd0a
SHA1..: d9a952ef59c5ee30e63b9d3dd781a7477911c866
SHA256: a5528757cd736d7a801443d0d4490b0d6d7c54a09e014afc240c62fd45ddadf6
SHA512: 1654e3b70376b817c9428007d26b34474f081e3082acdcbd3759b136d0dbe4f0a04ba3c8da0d9ee1b84689d3b3f437f9595f3a4c763fed578d67ae201acc6cc4
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4031ea
timedatestamp.....: 0x48907860 (Wed Jul 30 14:19:12 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xdf67 0xc200 8.00 1669d4c46f67c2607e453e100d48dddb
.rdata 0xf000 0x364e 0x2200 7.98 8415cf3708abe87d207cae6a2f2860be
.data 0x13000 0x6000 0x4000 5.15 6721b9bd1e84b671acfbb5d3cbc4bdb1
( 4 imports )
> MSVCRT.DLL: _itow, iswcntrl, isxdigit
> ADVAPI32.DLL: LsaOpenSecret, RegUnLoadKeyW, UnlockServiceDatabase, RevertToSelf, LsaClose
> WININET.DLL: InternetDialW, InternetGetCookieW, ShowCertificate, InternetSetCookieW, UrlZonesDetach
> USER32.DLL: GetForegroundWindow, GetMenuStringW, GetScrollPos, LoadKeyboardLayoutW, SetDoubleClickTime, SendInput
( 0 exports )
Prevx info: http://info.prevx.com/aboutprogramtext.asp?PX5=8F3D24A4003F66983457019EED05CB00A97B99D5