Scout
Registered: 20.04.2009
Posts: 15
Popularity: 10
Said thanks: 6
Thanked 0 times in 0 posts
Re: Loader
File 25_RF_Quick_loader.exe received 2009.08.02 23:21:31 (UTC)

Antivirus          Version         Last update  Result
a-squared          4.5.0.24        2009.08.02   -
AhnLab-V3          5.0.0.2         2009.08.01   -
AntiVir            7.9.0.238       2009.08.02   -
Antiy-AVL          2.0.3.7         2009.07.31   -
Authentium         5.1.2.4         2009.08.02   W32/Infostealer.A!Maximus
Avast              4.8.1335.0      2009.08.02   -
AVG                8.5.0.406       2009.08.02   -
BitDefender        7.2             2009.08.02   -
CAT-QuickHeal      10.00           2009.07.30   -
ClamAV             0.94.1          2009.08.03   -
Comodo             1843            2009.08.03   -
DrWeb              5.0.0.12182     2009.08.03   -
eSafe              7.0.17.0        2009.07.30   -
eTrust-Vet         31.6.6650       2009.08.01   -
F-Prot             4.4.4.56        2009.08.02   W32/Infostealer.A!Maximus
F-Secure           8.0.14470.0     2009.08.01   -
Fortinet           3.120.0.0       2009.08.02   -
GData              19              2009.08.02   -
Ikarus             T3.1.1.64.0     2009.08.02   -
Jiangmin           11.0.800        2009.08.02   -
K7AntiVirus        7.10.808        2009.08.01   -
Kaspersky          7.0.0.125       2009.08.03   -
McAfee             5696            2009.08.02   -
McAfee+Artemis     5696            2009.08.02   -
McAfee-GW-Edition  6.8.5           2009.08.03   Heuristic.BehavesLike.Win32.Backdoor.I
Microsoft          1.4903          2009.08.02   -
NOD32              4299            2009.08.02   -
Norman             6.01.09         2009.07.31   -
nProtect           2009.1.8.0      2009.08.02   -
Panda              10.0.0.14       2009.08.02   -
PCTools            4.4.2.0         2009.08.02   -
Prevx              3.0             2009.08.03   -
Rising             21.40.62.00     2009.08.02   -
Sophos             4.44.0          2009.08.02   -
Sunbelt            3.2.1858.2      2009.08.02   -
Symantec           1.4.4.12        2009.08.03   -
TheHacker          6.3.4.3.375     2009.08.01   -
TrendMicro         8.950.0.1094    2009.07.31   -
VBA32              3.12.10.9       2009.08.02   -
ViRobot            2009.7.31.1863  2009.07.31   -
VirusBuster        4.6.5.0         2009.08.02   -

Additional information
File size: 475136 bytes
MD5...: 52cfb6f88618cc32aa64cca7eda012b3
SHA1..: f6862c483146c56315ffcc268c4d737d98a81da3
SHA256: 635a751a4454a63ac0f3677edc93cbb4e5119ceea1b158a437fa0d81a6c28ce2
ssdeep: 12288:jT4/nHkxg3bv1inLZ9Rk7YeWvyt6HqUi7P:vUHkxgb1iLFk7mq0rC
PEiD..: BobSoft Mini Delphi -> BoB / BobSoft
TrID..: File type identification
        Win32 Executable Borland Delphi 7 (69.1%)
        Win32 Executable Borland Delphi 6 (27.0%)
        Win32 Executable Delphi generic (1.5%)
        Win32 Executable Generic (0.8%)
        Win32 Dynamic Link Library (generic) (0.7%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x62ed0
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 8 sections )
name    viradd   virsiz   rawdsiz  ntrpy  md5
CODE    0x1000   0x61f5c  0x62000  6.54   f225632e08c79650bb96218f24510d9f
DATA    0x63000  0x1508   0x1600   4.05   5bee010b8ea3c9ffbd4942ec2820f71d
BSS     0x65000  0xf25    0x0      0.00   d41d8cd98f00b204e9800998ecf8427e
.idata  0x66000  0x22e6   0x2400   4.82   11735da9b1309025d98ca144ca364a09
.tls    0x69000  0x14     0x0      0.00   d41d8cd98f00b204e9800998ecf8427e
.rdata  0x6a000  0x18     0x200    0.20   6824ac496ad10565099a79748076e234
.reloc  0x6b000  0x7168   0x7200   6.67   2f8d2795a7531a5c007fabde0856433d
.rsrc   0x73000  0x6e00   0x6e00   4.27   fc2ee9c45621bbd6d66941ac9b30e144

( 16 imports )

( 0 exports )

PDFiD.: -
RDS...: NSRL Reference Data Set
-
Dunno, somehow couldn't get the code to paste properly =) Anyway, VirusTotal found a backdoor. Check it again in a couple of days.