Community Guest
- Posts: 22020
- Registered: 2003-04-29
- From: pe_xscan Studio

Posted: 2009-10-16 23:16
Wsock22.dll---651ad08ef64d9ea775513f7c96be52b8
Archive password: virus

File path: C:\WINDOWS\system32\Wsock22.dll
Attributes: A---
Digitally signed: No
PE file: Yes
Failed to get file version info size!
Created: 2009-10-16 21:14:8
Modified: 2009-10-10 23:31:16
Size: 57344 bytes 56.0 KB
MD5: 651ad08ef64d9ea775513f7c96be52b8
SHA1: 75B290A0714753A493E07A00E1F86A44CBD948CD
CRC32: 8ce4f96f

File Wsock22.dll received on 2009.10.16 15:07:57 (UTC)

| Antivirus | Version | Last update | Result |
| --- | --- | --- | --- |
| a-squared | 4.5.0.41 | 2009.10.16 | Trojan-Downloader.Small!IK |
| AhnLab-V3 | 5.0.0.2 | 2009.10.16 | - |
| AntiVir | 7.9.1.35 | 2009.10.16 | TR/Dldr.Small.jrs |
| Antiy-AVL | 2.0.3.7 | 2009.10.16 | - |
| Authentium | 5.1.2.4 | 2009.10.16 | - |
| Avast | 4.8.1351.0 | 2009.10.14 | - |
| AVG | 8.5.0.420 | 2009.10.16 | - |
| BitDefender | 7.2 | 2009.10.16 | Trojan.Generic.2522864 |
| CAT-QuickHeal | 10.00 | 2009.10.16 | Trojan.Agent.ATV |
| ClamAV | 0.94.1 | 2009.10.16 | - |
| Comodo | 2621 | 2009.10.16 | - |
| DrWeb | 5.0.0.12182 | 2009.10.16 | - |
| eSafe | 7.0.17.0 | 2009.10.15 | - |
| eTrust-Vet | 35.1.7071 | 2009.10.16 | - |
| F-Prot | 4.5.1.85 | 2009.10.15 | - |
| F-Secure | 8.0.14470.0 | 2009.10.16 | - |
| Fortinet | 3.120.0.0 | 2009.10.16 | - |
| GData | 19 | 2009.10.16 | Trojan.Generic.2522864 |
| Ikarus | T3.1.1.72.0 | 2009.10.16 | Trojan-Downloader.Small |
| Jiangmin | 11.0.800 | 2009.10.16 | Trojan/Clicker.fc |
| K7AntiVirus | 7.10.872 | 2009.10.16 | - |
| Kaspersky | 7.0.0.125 | 2009.10.16 | - |
| McAfee | 5772 | 2009.10.15 | - |
| McAfee+Artemis | 5772 | 2009.10.15 | Artemis!651AD08EF64D |
| McAfee-GW-Edition | 6.8.5 | 2009.10.16 | Trojan.Dldr.Small.jrs |
| Microsoft | 1.5101 | 2009.10.16 | - |
| NOD32 | 4515 | 2009.10.16 | - |
| Norman | 6.03.02 | 2009.10.16 | - |
| nProtect | 2009.1.8.0 | 2009.10.15 | - |
| Panda | 10.0.2.2 | 2009.10.15 | Trj/CI.A |
| PCTools | 4.4.2.0 | 2009.10.16 | - |
| Prevx | 3.0 | 2009.10.16 | - |
| Rising | 21.51.44.00 | 2009.10.16 | - |
| Sophos | 4.46.0 | 2009.10.16 | - |
| Sunbelt | 3.2.1858.2 | 2009.10.15 | - |
| Symantec | 1.4.4.12 | 2009.10.16 | - |
| TheHacker | 6.5.0.2.043 | 2009.10.15 | - |
| TrendMicro | 8.950.0.1094 | 2009.10.16 | TROJ_MALWARE.VTG |
| VBA32 | 3.12.10.11 | 2009.10.15 | - |
| ViRobot | 2009.10.16.1988 | 2009.10.16 | - |
| VirusBuster | 4.6.5.0 | 2009.10.15 | - |

Additional information

File size: 57344 bytes
MD5...: 651ad08ef64d9ea775513f7c96be52b8
SHA1..: 75b290a0714753a493e07a00e1f86a44cbd948cd
SHA256: 5db3a7fe0d66bf7f716bfa12ec72ba57d264fed6ae1db859d9158718122e06d8
ssdeep: 768:kH1WPBzoEmcqRFNNURVe/A1T5KpYJewYgSS99kiB9gneC13EPiAo7zu4oZ2: m1uoNlkeo1T5KpuYgSS9aL+on1x
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x2f71
timedatestamp.....: 0x4ab077b8 (Wed Sep 16 05:29:28 2009)
machinetype.......: 0x14c (I386)

( 4 sections )

| name | viradd | virsiz | rawdsiz | ntrpy | md5 |
| --- | --- | --- | --- | --- | --- |
| .text | 0x1000 | 0x8426 | 0x9000 | 6.36 | ef13f29c4b70353dc563cc8f49eefe52 |
| .rdata | 0xa000 | 0xf5d | 0x1000 | 5.23 | 53b47c4dcbe792ba2bac3799bcea9c02 |
| .data | 0xb000 | 0x2948 | 0x2000 | 2.45 | f4e3772ee06265fa7ce614ead06246c9 |
| .reloc | 0xe000 | 0xf1a | 0x1000 | 4.34 | d5bef0c71191912622ea99fa9b82528b |

( 5 imports )
> KERNEL32.dll: DeleteFileA, TerminateProcess, GetLastError, FindClose, FindNextFileA, FindFirstFileA, GetModuleFileNameA, CompareStringW, CompareStringA, LCMapStringW, LCMapStringA, CreateProcessA, SetEnvironmentVariableA, Sleep, RtlUnwind, LoadLibraryA, GetOEMCP, GetACP, GetCPInfo, GetStringTypeW, GetStringTypeA, MultiByteToWideChar, FlushFileBuffers, SetStdHandle, InterlockedIncrement, HeapFree, HeapAlloc, GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetCommandLineA, GetVersion, HeapDestroy, HeapCreate, VirtualFree, InitializeCriticalSection, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, ExitProcess, VirtualAlloc, HeapReAlloc, CloseHandle, WriteFile, GetCurrentThreadId, TlsSetValue, TlsAlloc, TlsFree, SetLastError, TlsGetValue, GetProcAddress, GetModuleHandleA, GetCurrentProcess, SetHandleCount, GetStdHandle, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, SetFilePointer, InterlockedDecrement
> USER32.dll: SendMessageA, GetWindowThreadProcessId, GetClassNameA, GetParent, CloseDesktop, SetForegroundWindow, EnumDesktopWindows, PostMessageA, CreateDesktopA, EnumChildWindows
> ADVAPI32.dll: RegQueryValueExA, RegCloseKey, RegOpenKeyExA
> SHELL32.dll: SHGetSpecialFolderPathA
> WS2_32.dll: -, -, -, -, -, -, -, -, -, -, -, -

( 3 exports )
GetDLlVersion, Run, Sunbelt

RDS...: NSRL Reference Data Set -
pdfid.: -
trid..:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)

sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned