[Upload][MU]lokiexe.exe

#1 Post by venedictum »

Download Link:
http://www.megaupload.com/?d=SLMGG698

File name: e452e9729934de867c8dd31c0ebbf4b6
Submission date: 2011-04-12 00:22:05 (UTC)
Current status: finished
Result: 8/42 (19.0%)

Antivirus 	Version 	Last Update 	Result
AhnLab-V3 	2011.04.12.00 	2011.04.11 	-
AntiVir 	7.11.6.53 	2011.04.11 	-
Antiy-AVL 	2.0.3.7 	2011.04.11 	-
Avast 	4.8.1351.0 	2011.04.11 	-
Avast5 	5.0.677.0 	2011.04.11 	-
AVG 	10.0.0.1190 	2011.04.12 	Win32/Heur
BitDefender 	7.2 	2011.04.12 	-
CAT-QuickHeal 	11.00 	2011.04.11 	-
ClamAV 	0.97.0.0 	2011.04.12 	-
Commtouch 	5.2.11.5 	2011.04.06 	-
Comodo 	8309 	2011.04.12 	-
DrWeb 	5.0.2.03300 	2011.04.12 	-
Emsisoft 	5.1.0.5 	2011.04.11 	Virus.Win32.Heur!IK
eSafe 	7.0.17.0 	2011.04.12 	Suspicious File
eTrust-Vet 	36.1.8266 	2011.04.11 	-
F-Prot 	4.6.2.117 	2011.04.12 	-
F-Secure 	9.0.16440.0 	2011.04.12 	-
Fortinet 	4.2.254.0 	2011.04.09 	-
GData 	22 	2011.04.12 	-
Ikarus 	T3.1.1.103.0 	2011.04.11 	Virus.Win32.Heur
Jiangmin 	13.0.900 	2011.04.09 	-
K7AntiVirus 	9.96.4360 	2011.04.11 	-
Kaspersky 	7.0.0.125 	2011.04.12 	-
McAfee 	5.400.0.1158 	2011.04.12 	Artemis!E452E9729934
McAfee-GW-Edition 	2010.1C 	2011.04.11 	Artemis!E452E9729934
Microsoft 	1.6702 	2011.04.11 	-
NOD32 	6034 	2011.04.11 	-
Norman 	6.07.07 	2011.04.11 	-
Panda 	10.0.3.5 	2011.04.11 	-
PCTools 	7.0.3.5 	2011.04.11 	-
Prevx 	3.0 	2011.04.12 	-
Rising 	23.53.00.05 	2011.04.11 	-
Sophos 	4.64.0 	2011.04.11 	Sus/UnkPacker
SUPERAntiSpyware 	4.40.0.1006 	2011.04.10 	-
Symantec 	20101.3.2.89 	2011.04.12 	-
TheHacker 	6.7.0.1.171 	2011.04.11 	-
TrendMicro 	9.200.0.1012 	2011.04.11 	-
TrendMicro-HouseCall 	9.200.0.1012 	2011.04.12 	-
VBA32 	3.12.14.3 	2011.04.11 	-
VIPRE 	8992 	2011.04.12 	Trojan.Win32.Generic!BT
ViRobot 	2011.4.11.4404 	2011.04.11 	-
VirusBuster 	13.6.299.0 	2011.04.11 	-

Additional information
MD5   : e452e9729934de867c8dd31c0ebbf4b6
SHA1  : 1087c16a041f36a55f9066b498842df7302b312d
SHA256: e977f59c3f884104b44d0bca39e95c22b371bb9fe91e844080a5e516bcf76fca
ssdeep: 98304:TxZuXr49bJdd61KdaaO2bYx4jaXU7kctEqWL0ksK7G/nuMLqV+q356xTSFq2g/SV:Tvu7+bJdd61KdaaO2bYx4jaXU7kctEq7
File size : 3861504 bytes
First seen: 2011-03-16 17:40:20
Last seen : 2011-04-12 00:22:05
Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID:
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x458000
timedatestamp....: 0x0 (Thu Jan 01 00:00:00 1970)
machinetype......: 0x14C (Intel I386)

[[ 6 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x342000, 0x341400, 6.62, c59ae61a7508e233c2e6a6ff61ef2961
.data, 0x343000, 0x2D000, 0x2CC00, 5.47, 9a04d6831918c361523782fe3d9043a3
, 0x370000, 0xE3000, 0x3B400, 6.53, f9a66667358ebc1824b28e5cf070a93b
.rsrc, 0x453000, 0x2000, 0x1A00, 4.73, 8a956a5404764d79a279874a2fb5fdd4
.idata, 0x455000, 0x3000, 0x2600, 5.04, ed8bd81985a0e545032d9cd9d1a2e501
.pseudo, 0x458000, 0x2000, 0x1400, 0.98, 0ee7ad00d59ec06ea1c73e6802a5db23

[[ 17 import(s) ]]
advapi32.dll: RegCloseKey, CryptGetHashParam, CryptVerifySignatureA, RegEnumValueA, GetUserNameA, CryptImportKey, CryptEncrypt, RegCreateKeyA, RegDeleteValueA, RegOpenKeyExA, RegSetValueExA, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegQueryValueExA, CryptAcquireContextA, CryptCreateHash, CryptHashData, CryptDeriveKey, CryptDecrypt, CryptDestroyKey, CryptDestroyHash, CryptReleaseContext, RegCreateKeyExA
binkw32.dll: _BinkClose@4, _BinkSetSoundSystem@8, _BinkOpenDirectSound@4, _BinkWait@4, _BinkPause@8, _BinkGoto@12, _BinkOpen@8
cps.dll: uncompress, compress
ddraw.dll: DirectDrawCreateEx
dinput.dll: DirectInputCreateA
gdi32.dll: GetStockObject, CreatePolygonRgn, CreateSolidBrush, FillRgn, TextOutA, TextOutW, GetTextExtentPoint32W, SetTextColor, GetCurrentObject, SetBkMode, CreateFontIndirectA, EnumFontFamiliesExA, CreateFontA, CreateDIBSection, SelectObject, DeleteObject, DeleteDC, CreateCompatibleDC
granny2.dll: _GrannySetModelClock@8, _GrannySampleModelAnimations@16, _GrannyBuildWorldPose@24, _GrannyFreeCompletedModelControls@4, _GrannyGetSourceSkeleton@4, _GrannyNewMeshBinding@12, _GrannyCopyMeshIndices@12, _GrannyGetMeshVertexCount@4, _GrannyMeshIsRigid@4, GrannyPNT332VertexType, _GrannyCopyMeshVertices@12, _GrannyGetMeshVertexType@4, _GrannyNewMeshDeformer@12, _GrannyGetMaterialTextureByType@8, _GrannyInstantiateModel@4, _GrannyNewWorldPose@4, _GrannyGetSecondsElapsed@8, _GrannyGetWorldPoseComposite4x4Array@4, _GrannyCopyTextureImage@32, _GrannyFreeMeshBinding@4, _GrannyFreeMeshDeformer@4, _GrannyFreeModelInstance@4, _GrannyFreeWorldPose@4, _GrannyFreeControl@4, _GrannyPlayControlledAnimation@12, _GrannySetControlLoopCount@8, _GrannySetControlActive@8, _GrannyVersionsMatch_@16, _GrannyReadEntireFileFromMemory@8, _GrannyGetFileInfo@4, _GrannyNewLocalPose@4, _GrannyFreeFileSection@8, _GrannyGetMeshIndexCount@4, _GrannyFreeLocalPose@4, _GrannyFreeFile@4, _GrannyGetControlDurationLeft@4, _GrannyTextureHasAlpha@4, _GrannyGetSystemSeconds@0, _GrannyGetMeshBindingToBoneIndices@4, _GrannyGetMeshTriangleGroups@4, _GrannyGetWorldPoseComposite4x4@8, _GrannyGetMeshVertices@4, _GrannyDeformVertices@24, _GrannyGetMeshIndices@4, _GrannyGetMeshBytesPerIndex@4, GrannyRGBA8888PixelFormat
ijl15.dll: -, -, -, -
imm32.dll: ImmReleaseContext, ImmGetContext, ImmGetCompositionStringW, ImmGetCompositionStringA, ImmGetCandidateListW, ImmGetVirtualKey, ImmNotifyIME
kernel32.dll: LocalLock, FormatMessageA, GetVersionExA, GetSystemDirectoryA, GetCurrentProcessId, OpenProcess, CreateFileMappingA, UnmapViewOfFile, MapViewOfFile, GetSystemInfo, InitializeCriticalSection, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, IsDebuggerPresent, IsDBCSLeadByte, GetSystemTime, CreateDirectoryA, GlobalMemoryStatus, SetPriorityClass, CreateProcessA, MoveFileExA, CreateMutexA, SetUnhandledExceptionFilter, TerminateProcess, SetEvent, SetEndOfFile, ResumeThread, ResetEvent, LocalFree, WaitForMultipleObjects, CreateEventA, OpenEventA, OpenMutexA, CopyFileA, DeleteFileA, GetCurrentThreadId, TerminateThread, ReleaseMutex, GetComputerNameA, lstrlenA, lstrcmpA, ExitProcess, IsBadReadPtr, GetModuleFileNameW, OpenFileMappingA, VirtualQuery, LoadLibraryExA, GetTempFileNameA, GetTempPathA, HeapFree, HeapAlloc, GetFileInformationByHandle, DuplicateHandle, SetStdHandle, CreatePipe, GetStdHandle, PeekNamedPipe, lstrcpyA, InterlockedExchange, GetLastError, lstrcatA, SetFilePointer, WriteFile, CreateFileA, GetFileSize, GetExitCodeProcess, VirtualAlloc, RtlUnwind, TlsSetValue, TlsGetValue, ExitThread, GetTimeZoneInformation, RaiseException, ReadFile, CloseHandle, VirtualFree, QueryPerformanceFrequency, QueryPerformanceCounter, WideCharToMultiByte, GetUserDefaultLangID, InterlockedDecrement, CreateThread, WaitForSingleObject, SetThreadPriority, InterlockedIncrement, GetModuleHandleA, GetModuleFileNameA, GetCurrentProcess, GetCurrentThread, GlobalAlloc, GlobalLock, GlobalFree, GlobalUnlock, Sleep, GetCurrentDirectoryA, GetTickCount, FindFirstFileA, FindClose, FindNextFileA, lstrcmpiA, VirtualProtect, LoadLibraryA, GetProcAddress, FreeLibrary, GetLocalTime, GetProcessHeap, GetFullPathNameA, GetDriveTypeA, HeapCompact, MultiByteToWideChar, GetLocaleInfoW, MulDiv, OutputDebugStringA, CreateFileW, SetEnvironmentVariableA, IsBadCodePtr, GetOEMCP, GetACP, GetFileAttributesA, RemoveDirectoryA, SetFileAttributesA, MoveFileA, GetSystemTimeAsFileTime, 
HeapReAlloc, GetStartupInfoA, GetCommandLineA, GetVersion, FatalAppExitA, LCMapStringA, LCMapStringW, GetCPInfo, CompareStringA, CompareStringW, HeapSize, TlsAlloc, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsW, FreeEnvironmentStringsA, SetConsoleCtrlHandler, GetUserDefaultLCID, EnumSystemLocalesA, GetLocaleInfoA, IsValidCodePage, IsValidLocale, FlushFileBuffers, TlsFree, GetStringTypeW, GetStringTypeA, UnhandledExceptionFilter, GetFileType, SetHandleCount, IsBadWritePtr, HeapCreate, HeapDestroy, GetEnvironmentVariableA, SetLastError
mss32.dll: _AIL_set_3D_sample_volume@8, _AIL_set_3D_sample_distances@12, _AIL_start_3D_sample@4, _AIL_sample_status@4, _AIL_init_sample@4, _AIL_set_sample_file@12, _AIL_set_sample_volume@8, _AIL_start_sample@4, _AIL_end_sample@4, _AIL_end_3D_sample@4, _AIL_stream_status@4, _AIL_open_stream@12, _AIL_set_stream_loop_count@8, _AIL_start_stream@4, _AIL_pause_stream@8, _AIL_stream_volume@4, _AIL_set_3D_orientation@28, _AIL_release_3D_sample_handle@4, _AIL_close_3D_listener@4, _AIL_close_3D_provider@4, _AIL_release_sample_handle@4, _AIL_close_digital_driver@4, _AIL_shutdown@0, _AIL_startup@0, _AIL_set_preference@8, _AIL_open_digital_driver@16, _AIL_close_stream@4, _AIL_allocate_sample_handle@4, _AIL_enumerate_3D_providers@12, _AIL_open_3D_provider@4, _AIL_3D_speaker_type@4, _AIL_set_3D_speaker_type@8, _AIL_open_3D_listener@4, _AIL_allocate_3D_sample_handle@4, _AIL_set_3D_position@16, _AIL_set_3D_sample_effects_level@8, _AIL_set_3D_sample_file@8, _AIL_set_stream_volume@8, _AIL_3D_sample_status@4, _AIL_set_3D_room_type@8, _AIL_3D_room_type@4, _AIL_decompress_ADPCM@12, _AIL_WAV_info@8, _AIL_decompress_ASI@24, _AIL_file_type@8, _AIL_mem_free_lock@4, _AIL_set_redist_directory@4
netapi32.dll: Netbios
ole32.dll: CoInitialize, CoUninitialize
shell32.dll: ShellExecuteA
user32.dll: SetWindowLongA, ClientToScreen, GetClientRect, SetRect, RedrawWindow, DrawMenuBar, ShowWindow, GetSystemMetrics, CharNextExA, CharPrevExA, GetKeyState, wsprintfA, GetAsyncKeyState, MoveWindow, MessageBoxA, GetDC, ShowCursor, DestroyWindow, FindWindowA, LoadIconA, LoadCursorA, RegisterClassA, AdjustWindowRect, CreateWindowExA, UpdateWindow, GetKeyboardType, ValidateRect, SetCursor, GetActiveWindow, IsIconic, GetCursorPos, ScreenToClient, SetWindowTextA, EndDialog, SetFocus, GetDlgItem, CloseClipboard, SetClipboardData, EmptyClipboard, DefWindowProcA, SendMessageA, PeekMessageA, TranslateMessage, DispatchMessageA, GetClipboardData, GetKeyboardLayout, DialogBoxParamA, OpenClipboard, GetWindowRect
winmm.dll: timeSetEvent, timeGetDevCaps, timeBeginPeriod, timeEndPeriod, timeGetTime, timeKillEvent
ws2_32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, WSASend
ExifTool:
file metadata
CodeSize: 3416064
EntryPoint: 0x458000
FileSize: 3.7 MB
FileType: Win32 EXE
ImageVersion: 0.0
InitializedDataSize: 1122304
LinkerVersion: 6.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
PEType: PE32
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 0000:00:00 00:00:00
UninitializedDataSize: 0
It's up to you whether you want to use it. I'm just sharing what I use. I also ran it through VirusTotal... The result is above... I just edited the sakexe of pRO.