A "free membership and six diamonds" tool? Beware of the Gray Pigeon backdoor Backdoor.win32.gpigeon.Gem spreading through QQ
Original endurer
1st
A member of a QQ group sent this message:
Free membership and six-digit drill .. Please download the tool to refresh it .. The following is the tool download site: hxxp://*59.*32.128.135:2*80/large
This looked suspicious, so I downloaded the file with httpread and extracted the file information with fileinfo:
File Description: D:/test/Example
Attribute: ---
Digital Signature: No
PE file: Yes
Language: Chinese (China)
File version: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
Description: Win32 cabinet self-Extractor
Copyright: (c) Microsoft Corporation. All rights reserved.
Product Version: 6.00.2900.2180
Product Name: Microsoft (r) Windows (r) Operating System
Company Name: Microsoft Corporation
Internal name: wextract
Source File Name: wextract.exe
Created at: 22:36:40
Modification time:
Size: 380416 bytes, 371.512 KB
MD5: 996f03225b64f61f69dffd298a9deddf
Sha1: 0807b3b71c2f9c8e989c0617edd4342fdd77a6ab
CRC32: 48cb6b2b
Decompressing the package yields one file:
File Description: D:/test/3.exe
Attribute: ---
Digital Signature: No
PE file: Yes
An error occurred while obtaining the file version information!
Creation Time: 18:58:18
Modification time: 18:58:18
Size: 795648 bytes, 777.0 KB
MD5: 4fc06c2df76fee9af7dc7a3fa7b6ce42
Sha1: 1f44458e406e07c0a6aeaedcbd37cbfa809ee415
CRC32: 05906505
Uploaded it for an online scan:
File _ e5_88_b7_e4_bc_9a_e5_91_98_e5_92 received at 2009.05.17 16:55:06 (CET)
Anti-Virus engine | Version | Last update | Scan results
A-squared | 4.0.0.101 | 2009.05.17 | Trojan-Downloader.Win32.Delf.aup!Ik
AhnLab-V3 | 5.0.0.2 | 2009.05.16 | -
AntiVir | 7.9.0.168 | 2009.05.17 | -
Antiy-AVL | 2.0.3.1 | 2009.05.15 | -
Authentium | 5.1.2.4 | 2009.05.16 | W32/hupigon.A.Gen!Eldorado
Avast | 4.8.1335.0 | 2009.05.16 | Win32:hupigon-mbH
AVG | 8.5.0.336 | 2009.05.16 | Win32/pemask
BitDefender | 7.2 | 2009.05.17 | Trojan.dropper.Rya
Cat-quickheal | 10.00 | 2009.05.15 | Trojan.Agent.ATV
ClamAV | 0.94.1 | 2009.05.16 | Trojan Graybird-16
Comodo | 1157 | 2009.05.08 | -
Drweb | 5.0.0.12182 | 2009.05.17 | Backdoor.pigeon.7889
Esafe | 7.0.20. | 2009.05.17 | -
ETrust-vet | 31.6.20.8 | 2009.05.16 | -
F-Prot | 4.4.4.56 | 2009.05.16 | W32/hupigon.A.Gen!Eldorado
F-Secure | 8.0.14470.0 | 2009.05.16 | Backdoor.win32.hupigon.ADMA
Fortinet | 3.117.0.0 | 2009.05.17 | W32/pemask.!Tr
Gdata | 19 | 2009.05.17 | Trojan.dropper.Rya
Ikarus | T3.1.1.49.0 | 2009.05.17 | Trojan-Downloader.Win32.Delf.aup
K7antivirus | 7.10.737 | 2009.05.16 | -
Kaspersky | 7.0.0.125 | 2009.05.17 | Backdoor.win32.hupigon.ADMA
McAfee | 5618 | 2009.05.17 | -
McAfee + Artemis | 5618 | 2009.05.17 | BackDoor-shortname
McAfee-GW-Edition | 6.7.6 | 2009.05.17 | Trojan.Backdoor.hupigon.gen
Microsoft | 1.4602 | 2009.05.17 | BACKDOOR:Win32/hupigon.Gen!B
NOD32 | 4080 | 2009.05.15 | A variant of Win32/hupigon
Norman | 6.01.05 | 2009.05.16 | -
Nprotect | 2009.1.8.0 | 2009.05.17 | -
Panda | 10.0.0.14 | 2009.05.17 | BCK/hupigon.gen
Pctools | 4.4.2.0 | 2009.05.17 | Backdoor.hupigon.GTB
Prevx | 3.0 | 2009.05.17 | Medium risk malware
Rising | 21.29.62.00 | 2009.05.17 | Backdoor.win32.gpigeon.Gem
Sophos | 4.41.0 | 2009.05.17 | Mal/dspy-B
Sunbelt | 3.2.1858.2 | 2009.05.16 | -
Symantec | 1.4.4.12 | 2009.05.17 | -
Thehacker | 6.3.4.1.326 | 2009.05.17 | -
TrendMicro | 8.950.0.1092 | 2009.05.15 | Mal_Pai-8
Vba32 | 3.12.10.5 | 2009.05.17 | Oscope.Backdoor.hupigon.axbr
ViRobot | 2009.5.15.1737 | 2009.05.15 | -
Virusbuster | 4.6.5.0 | 2009.05.16 | -