C:\WINDOWS\system32\ie.exe

Attachment:
Extraction password: virus
File specifier: C:\WINDOWS\system32\ie.exe
Attributes: ----
Digital signature: No
PE file: Yes
Language: Chinese (China)
File version: 3.2.12.65
Created: 2008-8-12 11:19:30
Modified: 2008-7-31 1:0:30
Size: 258247 bytes (252.199 KB)
MD5 : 36f4d725b8c337c326f13ecd92d8b916
SHA1: A614CD1B4469171B3016BF12DFD6FEA595F46B89
CRC32: 60333edb
File ie.exe received on 2008.09.07 10:39:51 (CET)

| Antivirus engine | Version | Last update | Scan result |
| --- | --- | --- | --- |
| AhnLab-V3 | 2008.9.6.0 | 2008.09.06 | - |
| AntiVir | 7.8.1.28 | 2008.09.05 | - |
| Authentium | 5.1.0.4 | 2008.09.06 | - |
| Avast | 4.8.1195.0 | 2008.09.06 | - |
| AVG | 8.0.0.161 | 2008.09.07 | - |
| BitDefender | 7.2 | 2008.09.07 | - |
| CAT-QuickHeal | 9.50 | 2008.09.06 | - |
| ClamAV | 0.93.1 | 2008.09.07 | - |
| DrWeb | 4.44.0.09170 | 2008.09.06 | - |
| eSafe | 7.0.17.0 | 2008.09.03 | Suspicious File |
| eTrust-Vet | 31.6.6072 | 2008.09.05 | Win32/Matcash.DZ |
| Ewido | 4.0 | 2008.09.06 | - |
| F-Prot | 4.4.4.56 | 2008.09.06 | - |
| F-Secure | 8.0.14332.0 | 2008.09.07 | - |
| Fortinet | 3.112.0.0 | 2008.09.07 | - |
| GData | 19 | 2008.09.07 | - |
| Ikarus | T3.1.1.34.0 | 2008.09.07 | Virus.VirTool.Win32.MS04.028.a |
| K7AntiVirus | 7.10.443 | 2008.09.05 | Trojan.Win32.Malware.1 |
| Kaspersky | 7.0.0.125 | 2008.09.07 | Heur.Downloader |
| McAfee | 5378 | 2008.09.05 | - |
| Microsoft | 1.3903 | 2008.09.07 | - |
| NOD32v2 | 3423 | 2008.09.06 | - |
| Norman | 5.80.02 | 2008.09.05 | - |
| Panda | 9.0.0.4 | 2008.09.06 | Suspicious file |
| PCTools | 4.4.2.0 | 2008.09.06 | - |
| Prevx1 | V2 | 2008.09.07 | Malware Downloader |
| Rising | 20.60.61.00 | 2008.09.07 | - |
| Sophos | 4.33.0 | 2008.09.07 | - |
| Sunbelt | 3.1.1610.1 | 2008.09.05 | - |
| Symantec | 10 | 2008.09.07 | - |
| TheHacker | 6.3.0.8.075 | 2008.09.06 | - |
| TrendMicro | 8.700.0.1004 | 2008.09.05 | - |
| VBA32 | 3.12.8.5 | 2008.09.06 | - |
| ViRobot | 2008.9.5.1365 | 2008.09.06 | - |
| VirusBuster | 4.5.11.0 | 2008.09.06 | - |
| Webwasher-Gateway | 6.6.2 | 2008.09.05 | - |

Additional information

File size: 258247 bytes
MD5...: 36f4d725b8c337c326f13ecd92d8b916
SHA1..: a614cd1b4469171b3016bf12dfd6fea595f46b89
SHA256: bc4b38a316544e83cfecc341cadb9ca6f8b56ba285627b225f22e9c3a1f2e6fe
SHA512: 975dbe4e9ece59afe98c0a561c15345618ab4b7e6c80dd02bce72f0923e4c2477522ae3c7710ff29d5f88549af4deca078f00de75f5d62d3d874c742438c421f
PEiD..: -

TrID..: File type identification
- UPX compressed Win32 Executable (43.8%)
- Win32 EXE Yoda's Crypter (38.1%)
- Win32 Executable Generic (12.2%)
- Generic Win/DOS Executable (2.8%)
- DOS Executable Generic (2.8%)

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x48cef0
timedatestamp.....: 0x482d38b0 (Fri May 16 07:33:04 2008)
machinetype.......: 0x14c (I386)

( 3 sections )

| name | viradd | virsiz | rawdsiz | ntrpy | md5 |
| --- | --- | --- | --- | --- | --- |
| UPX0 | 0x1000 | 0x55000 | 0x0 | 0.00 | d41d8cd98f00b204e9800998ecf8427e |
| UPX1 | 0x56000 | 0x38000 | 0x37200 | 7.92 | 84922a057e508435a1052bb737e86c7d |
| .rsrc | 0x8e000 | 0x8000 | 0x7400 | 4.99 | a3edc7da7e30d09d2edd866aa7c4742e |

( 13 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> ADVAPI32.dll: RegCloseKey
> COMCTL32.dll: ImageList_Create
> comdlg32.dll: GetSaveFileNameA
> GDI32.dll: LineTo
> MPR.dll: WNetGetConnectionA
> ole32.dll: CoInitialize
> OLEAUT32.dll: -
> SHELL32.dll: DragFinish
> USER32.dll: GetDC
> VERSION.dll: VerQueryValueA
> WINMM.dll: timeGetTime
> WSOCK32.dll: -

( 0 exports )

Prevx info: http://info.prevx.com/aboutprogr ... 3690009C2007CFE81E8
packers (F-Prot): UPX
packers (Kaspersky): PE_Patch.UPX, UPX