In the past few days, a qyou sent me a file named "gift .rar" and had to receive it.
File Description: D:/gift .rar
Attribute: ---
Digital Signature: No
PE file: No
Creation Time: 19:58:11
Modification time: 19:58:14
Size: 228370 bytes, 223.18 KB
MD5: 0aeb9d71c978e070f90d95fe27317350
Sha1: 9a0aafee836a12e8aa6d6a024e3eb7d28c204f61
CRC32: ff1496d7
Decompress the package:
File Description: D:/gift/open a gift/open it again/Open It/then open/trust me, open it./do you think you are joking?/What else?/Haha/Are you feeling confused?/Do you think there is no end to it? /Are you disappointed? /The next one will be there! /Or not? /This time./Why Not! /This is the last layer./be prepared. Don't be excited !. EXE
Attribute: ---
Digital Signature: No
PE file: Yes
An error occurred while obtaining the file version information!
Creation Time: 19:59:34
Modification time: 15:35:34
Size: 916480 bytes, 895.0 KB
MD5: 38ca55c7c695e14bc80cfa46c80d64b3
Sha1: 86d38ad2070e5f1eefa040a2a3aabc21eb2e5a14
CRC32: f3441c43
A deep directory ~
This time is busy, no time to test, directly upload the compressed package to the http://www.virustotal.com scan, the results are as follows:
File Name:
Gift .rar
Submission date:
2010-09-16 14:20:36 (UTC)
Current status:
Queued Queued Analyzing Finished
Result:
12/43 (27.9%)
Antivirus |
Version |
Last update |
Result |
AhnLab-V3 |
2010.09.16.01 |
2010.09.16 |
- |
AntiVir |
8.2.4.52 |
2010.09.16 |
- |
Antiy-AVL |
2.0.3.7 |
2010.09.16 |
- |
Authentium |
5.2.0.5 |
2010.09.16 |
W32/joke. OA |
Avast |
4.8.1351.0 |
2010.09.16 |
- |
Avast5 |
5.0.594.0 |
2010.09.16 |
- |
AVG |
9.0.0.851 |
2010.09.16 |
- |
BitDefender |
7.2 |
2010.09.16 |
- |
Cat-quickheal |
11.00 |
2010.09.16 |
- |
ClamAV |
0.96.2.0-Git |
2010.09.16 |
Trojan Downloader-20749 |
Comodo |
6097 |
2010.09.16 |
Trojware. win32.trojan. chifrax .~ A |
Drweb |
5.0.2.03300 |
2010.09.16 |
- |
Emsisoft |
5.0.0.37 |
2010.09.16 |
- |
Esafe |
7.0.20. |
2010.09.15 |
Win32.backdoor. grayb |
ETrust-vet |
36.1.7859 |
2010.09.16 |
- |
F-Prot |
4.6.1.107 |
2010.09.16 |
W32/joke. OA |
F-Secure |
9.0.15370.0 |
2010.09.16 |
- |
Fortinet |
4.1.143.0 |
2010.09.16 |
Joke/screenroses |
Gdata |
21 |
2010.09.16 |
- |
Ikarus |
T3.1.1.88.0 |
2010.09.16 |
- |
Jiangmin |
13.0.900 |
2010.09.16 |
- |
K7antivirus |
9.63.2522 |
2010.09.15 |
Jokeprogram |
Kaspersky |
7.0.0.125 |
2010.09.16 |
- |
McAfee |
5.400.0.1158 |
2010.09.16 |
- |
McAfee-GW-Edition |
2010.1c |
2010.09.16 |
- |
Microsoft |
1.6103 |
2010.09.16 |
- |
NOD32 |
5455 |
2010.09.16 |
Probably a variant of Win32/agent. koqbdxw |
Norman |
6.06.06 |
2010.09.15 |
Suspicious_gen2.adgoq |
Nprotect |
September 2010-09-16.02 |
2010.09.16 |
- |
Panda |
10.0.2.7 |
2010.09.16 |
- |
Pctools |
7.0.3.5 |
2010.09.16 |
- |
Prevx |
3.0 |
2010.09.16 |
High risk Worm |
Rising |
22.65.03.04 |
2010.09.16 |
Trojan. win32.generic. 522a7a89 |
Sophos |
4.57.0 |
2010.09.16 |
- |
Sunbelt |
6882 |
2010.09.16 |
- |
SUPERAntiSpyware |
4.40.0.1006 |
2010.09.16 |
- |
Symantec |
20101.1.1.7 |
2010.09.16 |
Joke. rosenu |
Thehacker |
6.7.0.0.020 |
2010.09.16 |
- |
TrendMicro |
9.120.0.1004 |
2010.09.16 |
- |
TrendMicro-housecall |
9.120.0.1004 |
2010.09.16 |
- |
Vba32 |
3.12.14.0 |
2010.09.16 |
- |
ViRobot |
2010.8.25.4006 |
2010.09.16 |
- |
Virusbuster |
12.65.9.0 |
2010.09.16 |
- |
Additional informationShow all |
MD5:0aeb9d71c978e070f90d95fe27317350 |
Sha1:9a0aafee836a12e8aa6d6a024e3eb7d28c204f61 |
Sha256:F248370694ec8001ebf05417dde3062a615e7a1365d5038d2c88a50756068e6a |
It may be a malicious program, or it may be just a joke program. Be careful!