那个OfflineActivation.exe也别去下载！

Showfom · 发表于 2008-12-3 03:56

隔壁看来的

反病毒引擎	版本	最后更新	扫描结果
AhnLab-V3	2008.12.2.2	2008.12.02	Win-Trojan/Xema.variant
AntiVir	7.9.0.36	2008.12.02	TR/Crypt.XDR.Gen
Authentium	5.1.0.4	2008.12.02	W32/Dropper.gen8!Maximus
Avast	4.8.1281.0	2008.12.01	Win32:Trojan-gen {Other}
AVG	8.0.0.199	2008.12.02	Generic12.NFE
BitDefender	7.2	2008.12.02	-
CAT-QuickHeal	10.00	2008.12.02	-
ClamAV	0.94.1	2008.12.02	-
DrWeb	4.44.0.09170	2008.12.02	-
eSafe	7.0.17.0	2008.11.30	-
eTrust-Vet	31.6.6238	2008.12.02	-
Ewido	4.0	2008.12.02	-
F-Prot	4.4.4.56	2008.12.01	W32/Dropper.gen8!Maximus
F-Secure	8.0.14332.0	2008.12.02	-
Fortinet	3.117.0.0	2008.12.02	-
GData	19	2008.12.02	Win32:Trojan-gen {Other}
Ikarus	T3.1.1.45.0	2008.12.02	Trojan-PWS.WOW.ajw.1
K7AntiVirus	7.10.539	2008.12.01	-
Kaspersky	7.0.0.125	2008.12.02	-
McAfee	5451	2008.12.01	-
McAfee+Artemis	5451	2008.12.01	-
Microsoft	1.4104	2008.12.02	-
NOD32	3658	2008.12.02	-
Norman	5.80.02	2008.12.02	-
Panda	9.0.0.4	2008.12.02	-
PCTools	4.4.2.0	2008.12.02	-
Prevx1	V2	2008.12.02	-
Rising	21.06.12.00	2008.12.02	-
SecureWeb-Gateway	6.7.6	2008.12.02	Trojan.Crypt.XDR.Gen
Sophos	4.36.0	2008.12.02	Sus/Behav-1018
Sunbelt	3.1.1832.2	2008.12.01	-
Symantec	10	2008.12.02	-
TheHacker	6.3.1.2.171	2008.12.02	-
TrendMicro	8.700.0.1004	2008.12.02	-
VBA32	3.12.8.9	2008.12.01	-
ViRobot	2008.12.2.1496	2008.12.02	-
VirusBuster	4.5.11.0	2008.12.01	-

附加信息

File size: 5206016 bytes

MD5...: 8a5e6acf386fcb54b33882a5b6a95869

SHA1..: 9c42796f4eeaf3d42c8abfc980f14d762ebe6009

SHA256: 4f0a45452e1b1cd49de56fb6c5a3fe68d56aea77c9763c3a0c029fcfa3e6225b

SHA512: de3d42ff3a9b90e710de62ed274c22bf7d8c28193311843aed7c9f23862f7f23
890ef8a99c11cd71745a158dae4b88e833d6e525b5fa9b45ba1b9a74823ea7d2

ssdeep: 98304:zAWGbDoIVUfFQQb6x8QRfwpsUQFNfWrVuRCbg33MMHwXGDRj1rmY7a1Dv:
zejCdB8NRfasU0WrVukbgkIBrmGaFv

PEiD..: -

TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x40137d
timedatestamp.....: 0x491588b3 (Sat Nov 08 12:40:19 2008)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3f18 0x4000 6.54 108c1c0588321362826e2fcf549f0034
.rdata 0x5000 0x1316 0x2000 3.33 62ea043bbbce3b66eddc83995b487893
.data 0x7000 0x838 0x1000 0.66 789c521b3e089a8d81205a2bc1183fe4
.rsrc 0x8000 0x4ee148 0x4ef000 7.89 7eee34553d752dc09d7afa7d331a58d4

( 2 imports )
> KERNEL32.dll: lstrcpyA, GetTickCount, GetSystemTimeAsFileTime, FreeResource, CloseHandle, WriteFile, CreateFileA, LockResource, LoadResource, SizeofResource, FindResourceA, CreateProcessA, GetTempPathA, VirtualProtect, GetLocaleInfoA, GetStringTypeW, ExitProcess, GetModuleHandleA, GetStartupInfoA, GetCommandLineA, GetVersionExA, QueryPerformanceCounter, GetCurrentThreadId, GetCurrentProcessId, GetModuleFileNameA, GetProcAddress, TerminateProcess, GetCurrentProcess, GetStdHandle, UnhandledExceptionFilter, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, WideCharToMultiByte, GetLastError, GetEnvironmentStringsW, SetHandleCount, GetFileType, HeapDestroy, HeapCreate, VirtualFree, HeapFree, LoadLibraryA, RtlUnwind, InterlockedExchange, VirtualQuery, GetACP, GetOEMCP, GetCPInfo, HeapAlloc, VirtualAlloc, HeapReAlloc, HeapSize, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetSystemInfo
> USER32.dll: GetCursorPos, wsprintfA

( 0 exports )

[新闻] 那个OfflineActivation.exe也别去下载！

浏览过的版块