Wsock3.dll---fa0fd54b125f6645688df13306bf33a7 bbs.ikaka.com

endurer - 2009-10-16 23:07:00

附件: 您所在的用户组无法下载或查看附件
解压密码：virus

文件说明符 : C:\WINDOWS\system32\Wsock3.dll
属性 : A---
数字签名:否
PE文件:是
获取文件版本信息大小失败!
创建时间 : 2009-10-16 21:14:8
修改时间 : 2009-10-10 23:37:32
大小 : 24576 字节 24.0 KB
MD5 : fa0fd54b125f6645688df13306bf33a7
SHA1: D2A249E9BF3A7A2D7D3B5E9F662E33ED545120FA
CRC32: 26521d15
文件 Wsock3.dll 接收于 2009.10.16 14:59:23 (UTC)

反病毒引擎	版本	最后更新	扫描结果
a-squared	4.5.0.41	2009.10.16	Trojan-Downloader.Small!IK
AhnLab-V3	5.0.0.2	2009.10.16	-
AntiVir	7.9.1.35	2009.10.16	TR/Dldr.Small.jrs
Antiy-AVL	2.0.3.7	2009.10.16	-
Authentium	5.1.2.4	2009.10.16	-
Avast	4.8.1351.0	2009.10.14	-
AVG	8.5.0.420	2009.10.16	-
BitDefender	7.2	2009.10.16	-
CAT-QuickHeal	10.00	2009.10.16	Trojan.Agent.ATV
ClamAV	0.94.1	2009.10.16	-
Comodo	2621	2009.10.16	-
DrWeb	5.0.0.12182	2009.10.16	-
eSafe	7.0.17.0	2009.10.15	-
eTrust-Vet	35.1.7071	2009.10.16	-
F-Prot	4.5.1.85	2009.10.15	-
F-Secure	8.0.14470.0	2009.10.16	-
Fortinet	3.120.0.0	2009.10.16	-
GData	19	2009.10.16	-
Ikarus	T3.1.1.72.0	2009.10.16	Trojan-Downloader.Small
Jiangmin	11.0.800	2009.10.16	TrojanDownloader.Agent.btfv
K7AntiVirus	7.10.872	2009.10.16	-
Kaspersky	7.0.0.125	2009.10.16	-
McAfee	5772	2009.10.15	-
McAfee+Artemis	5772	2009.10.15	Artemis!FA0FD54B125F
McAfee-GW-Edition	6.8.5	2009.10.16	Trojan.Dldr.Small.jrs
Microsoft	1.5101	2009.10.16	-
NOD32	4514	2009.10.16	-
Norman	6.03.02	2009.10.16	-
nProtect	2009.1.8.0	2009.10.15	-
Panda	10.0.2.2	2009.10.15	-
PCTools	4.4.2.0	2009.10.16	-
Prevx	3.0	2009.10.16	-
Rising	21.51.44.00	2009.10.16	-
Sophos	4.46.0	2009.10.16	-
Sunbelt	3.2.1858.2	2009.10.15	-
Symantec	1.4.4.12	2009.10.16	-
TheHacker	6.5.0.2.043	2009.10.15	-
TrendMicro	8.950.0.1094	2009.10.16	-
VBA32	3.12.10.11	2009.10.15	-
ViRobot	2009.10.16.1988	2009.10.16	-
VirusBuster	4.6.5.0	2009.10.15	Trojan.DL.Small.CMKJ

附加信息

File size: 24576 bytes

MD5...: fa0fd54b125f6645688df13306bf33a7

SHA1..: d2a249e9bf3a7a2d7d3b5e9f662e33ed545120fa

SHA256: cce21dbbbad6ea214f0d3cf801ccf94e73ce49c31b897717e47c57a048c82ae1

ssdeep: 192:kHAyup9BNkXDkSbH6TvB6yoR59AsxHip/MIQPjkYnW:sjuPkXoSbHUcBAOip
fQP

PEiD..: -

PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x281b
timedatestamp.....: 0x4ab07887 (Wed Sep 16 05:32:55 2009)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x18e0 0x2000 5.50 878d100e85f08df1e3037e7cfec7e011
.rdata 0x3000 0x460 0x1000 1.68 c062e70577399f19c5dc2244fb091a85
.data 0x4000 0x294 0x1000 1.27 193607719e5f80eb00330c5ea0aec4cf
.reloc 0x5000 0x2e6 0x1000 1.20 8f4fe5f3171c93cb362218bbf9a63071

( 5 imports )
> KERNEL32.dll: GetLastError, DisableThreadLibraryCalls, Sleep, CreateProcessA, TerminateProcess
> USER32.dll: SendMessageA, GetWindowThreadProcessId, GetClassNameA, CloseDesktop, SetForegroundWindow, GetParent, EnumDesktopWindows, PostMessageA, CreateDesktopA, EnumChildWindows
> ADVAPI32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> WS2_32.dll: -, -, -, -, -, -, -, -, -, -, -, -
> MSVCRT.dll: _adjust_fdiv, _initterm, time, srand, strchr, rand, atoi, sprintf, malloc, strstr, free

( 3 exports )
GetDLlVersion, Run, Sunbelt

RDS...: NSRL Reference Data Set
-

pdfid.: -

sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; TencentTraveler 4.0; MAXTHON 2.0)

瑞星卡卡安全论坛