Rapport de virustotal

Bonjour,
VT Community Sign in ? My account ? Sign out Signing out... Languages ?

VirusTotal's website has changed, we need new translations, do you feel like helping the community?
info@virustotal.com
Sign in to VT CommunitySafety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.
email
password
Keep me logged in
Sign in Signing in, please wait...
Login failed, please try again
Forgot your password? Create an account

Edit my profile
View my profile
Inbox

Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...

4 VT Community user(s) with a total of 4 reputation credit(s) say(s) this sample is goodware. 2 VT Community user(s) with a total of 2 reputation credit(s) say(s) this sample is malware.
File name: 7z920.exe
Submission date: 2010-12-22 20:23:00 (UTC)
Current status: queued queued analysing finished


Result: 1/ 42 (2.4%)
VT Community

controversial
Safety score: 66.7%
Compact Print results Antivirus Version Last Update Result
AhnLab-V3 2010.12.22.00 2010.12.21 -
AntiVir 7.11.0.144 2010.12.22 -
Antiy-AVL 2.0.3.7 2010.12.22 -
Avast 4.8.1351.0 2010.12.22 -
Avast5 5.0.677.0 2010.12.22 -
AVG 9.0.0.851 2010.12.22 -
BitDefender 7.2 2010.12.22 -
CAT-QuickHeal 11.00 2010.12.22 -
ClamAV 0.96.4.0 2010.12.22 -
Command 5.2.11.5 2010.12.22 -
Comodo 7152 2010.12.22 -
DrWeb 5.0.2.03300 2010.12.22 -
eSafe 7.0.17.0 2010.12.22 -
eTrust-Vet 36.1.8055 2010.12.22 -
F-Prot 4.6.2.117 2010.12.22 -
F-Secure 9.0.16160.0 2010.12.22 -
Fortinet 4.2.254.0 2010.12.21 -
GData 21 2010.12.22 -
Ikarus T3.1.1.90.0 2010.12.22 -
Jiangmin 13.0.900 2010.12.22 -
K7AntiVirus 9.74.3319 2010.12.22 -
Kaspersky 7.0.0.125 2010.12.22 -
McAfee 5.400.0.1158 2010.12.22 -
McAfee-GW-Edition 2010.1C 2010.12.22 -
Microsoft 1.6402 2010.12.22 -
NOD32 5725 2010.12.22 -
Norman 6.06.12 2010.12.22 -
nProtect 2010-12-22.01 2010.12.22 -
Panda 10.0.2.7 2010.12.22 -
PCTools 7.0.3.5 2010.12.22 -
Prevx 3.0 2010.12.22 -
Rising 22.79.01.04 2010.12.22 -
Sophos 4.60.0 2010.12.22 -
SUPERAntiSpyware 4.40.0.1006 2010.12.22 -
Symantec 20101.3.0.103 2010.12.22 -
TheHacker 6.7.0.1.104 2010.12.21 Trojan/Downloader.Zlob.bpbl
TrendMicro 9.120.0.1004 2010.12.22 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.22 -
VBA32 3.12.14.2 2010.12.21 -
VIPRE 7762 2010.12.22 -
ViRobot 2010.12.22.4214 2010.12.22 -
VirusBuster 13.6.108.0 2010.12.22 -
Additional informationShow all
MD5 : b3fdf6e7b0aecd48ca7e4921773fb606
SHA1 : 55283ad59439134673fc32fc097bdd9ae920fbc6
SHA256: 1e2f2a8fb52d3972b9b65b8ad1bebb66965c47a2994f89b3d652c31e6f6e4c3c
ssdeep: 24576:c7Rz+6GVlkicMgH6I7kuF7Xc+qaM9oXDEmHbGrXjk5rOTm:E+6cY75ZLqaMsDp6ro6m
File size : 1110476 bytes
First seen: 2010-11-18 20:01:31
Last seen : 2010-12-22 20:23:00
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

packers (F-Prot): NSIS, Unicode, UTF-8
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x323C
timedatestamp....: 0x4B1AE3C6 (Sat Dec 05 22:50:46 2009)
machinetype......: 0x14c (I386)

[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x5A5A, 0x5C00, 6.42, 0bc2ffd32265a08d72b795b18265828d
.rdata, 0x7000, 0x1190, 0x1200, 5.18, f179218a059068529bdb4637ef5fa28e
.data, 0x9000, 0x1AF98, 0x400, 4.71, 975304d6dd6c4a4f076b15511e2bbbc0
.ndata, 0x24000, 0x9000, 0x0, 0.00, d41d8cd98f00b204e9800998ecf8427e
.rsrc, 0x2D000, 0x4118, 0x4200, 5.85, 77483af972a8e757d8ba96b88dc0c038

[[ 8 import(s) ]]
KERNEL32.dll: CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetTickCount, CreateFileA, GetFileSize, GetModuleFileNameA, GetCurrentProcess, CopyFileA, ExitProcess, SetFileTime, GetTempPathA, GetCommandLineA, SetErrorMode, LoadLibraryA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, GetVersion, CloseHandle, lstrcmpiA, lstrcmpA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, GetModuleHandleA, LoadLibraryExA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, GetWindowsDirectoryA
USER32.dll: EndDialog, ScreenToClient, GetWindowRect, EnableMenuItem, GetSystemMenu, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, RegisterClassA, TrackPopupMenu, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CharPrevA, DispatchMessageA, PeekMessageA, DestroyWindow, CreateDialogParamA, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, OpenClipboard, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow
GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject
SHELL32.dll: SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation
ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA
COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create
ole32.dll: CoTaskMemFree, OleInitialize, OleUninitialize, CoCreateInstance
VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA

ExifTool:
file metadata
CodeSize: 23552
EntryPoint: 0x323c
FileSize: 1084 kB
FileType: Win32 EXE
ImageVersion: 6.0
InitializedDataSize: 119808
LinkerVersion: 6.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
PEType: PE32
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2009:12:05 23:50:46+01:00
UninitializedDataSize: 1024



VT Community

7
User:Anonymous

Reputation:1 credits

Comment date:2010-11-19 18:53:35 (UTC)
Tags: Goodware,
Was this comment helpful? Yes (2) | No (0) | Report abuse Reported as abuseful
User:Anonymous

Reputation:1 credits

Comment date:2010-11-20 16:30:07 (UTC)
7-Zip ver. 9.20
Tags: Goodware,
Was this comment helpful? Yes (2) | No (0) | Report abuse Reported as abuseful
User:Anonymous

Reputation:1 credits

Comment date:2010-11-20 22:04:07 (UTC)
0/ 42 virus détecté, comme pour les versions précédentes de cet excellent freeware
Tags: Goodware,
Was this comment helpful? Yes (3) | No (1) | Report abuse Reported as abuseful
User:Anonymous

Reputation:1 credits

Comment date:2010-11-29 06:57:10 (UTC)
7z920.exe downloaded from sourceforge appears to be clean 0/42
Tags: Goodware,
Was this comment helpful? Yes (1) | No (0) | Report abuse Reported as abuseful
User:Anonymous

Reputation:1 credits

Comment date:2010-11-30 16:36:47 (UTC)
Result: 1/ 42 (2.4%)
File name: 7z920.exe
Submission date: 2010-11-30 16:32:22 (UTC)
Current status: queued (#3) queued (#3) analysing finished
"Trojan/Downloader.Zlob.bpbl" reported by TheHacker
Tags: 3, 3, zlob, bpbl
Was this comment helpful? Yes (0) | No (3) | Report abuse Reported as abuseful
User:Anonymous
Reputation:1 credits
Comment date:2010-11-19 18:53:35 (UTC) Tags: Goodware, Was this comment helpful? Yes (2) | No (0) | Report abuse Reported as abuseful User:Anonymous
Reputation:1 credits
Comment date:2010-11-20 16:30:07 (UTC) 7-Zip ver. 9.20 Tags: Goodware, Was this comment helpful? Yes (2) | No (0) | Report abuse Reported as abuseful User:Anonymous
Reputation:1 credits
Comment date:2010-11-20 22:04:07 (UTC) 0/ 42 virus détecté, comme pour les versions précédentes de cet excellent freeware Tags: Goodware, Was this comment helpful? Yes (3) | No (1) | Report abuse Reported as abuseful User:Anonymous
Reputation:1 credits
Comment date:2010-11-29 06:57:10 (UTC) 7z920.exe downloaded from sourceforge appears to be clean 0/42 Tags: Goodware, Was this comment helpful? Yes (1) | No (0) | Report abuse Reported as abuseful User:Anonymous
Reputation:1 credits
Comment date:2010-11-30 16:36:47 (UTC) Result: 1/ 42 (2.4%)
File name: 7z920.exe
Submission date: 2010-11-30 16:32:22 (UTC)
Current status: queued (#3) queued (#3) analysing finished
"Trojan/Downloader.Zlob.bpbl" reported by TheHacker Tags: 3, 3, zlob, bpblWas this comment helpful? Yes (0) | No (3) | Report abuse Reported as abuseful
Loading...


Prev12Next



Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?

You can add basic styles to your comments using the following accepted bbcode tags:

[b]text/b -- bold
[i]text/i -- italics
[u]text/u -- underline
[s]text/s -- strikethrough
[code]text/code -- preformatted text

You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.

Goodware Malware Spam attachment/link
P2P download Propagating via IM Network worm
Drive-by-download



Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.

Preview commentEdit comment Post comment Posting comment...
Comment successfully posted

dans mon rapport :TheHacker 6.7.0.1.104 2010.12.21 Trojan/Downloader.Zlob.bpbl
m'indique ceci,est ce que je peux ouvrir ce fichier ou non (mise a jour nouvelle version de 7-zip merci





ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
VirusTotal © Hispasec Sistemas - Blog - Twitter - Contact: info@virustotal.com- Terms of Service & Privacy Policy

dans