| עברית | 
| Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | 
| 
| Magyar | Deutsch | Česky | Polski | Español
|
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information... |
File gdihook.dll received on 10.12.2008 12:52:31 (CET)
Current status: finished
Current status: finished
Result: 18/36 (50.00%)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| AhnLab-V3 | 2008.10.10.1 | 2008.10.10 | - |
| AntiVir | 7.8.1.34 | 2008.10.11 | BDS/Hupigon.djlq |
| Authentium | 5.1.0.4 | 2008.10.11 | W32/Backdoor2.CQMQ |
| Avast | 4.8.1248.0 | 2008.10.11 | Win32:Trojan-gen {Other} |
| AVG | 8.0.0.161 | 2008.10.11 | BackDoor.Hupigon4.ADUA |
| BitDefender | 7.2 | 2008.10.12 | - |
| CAT-QuickHeal | 9.50 | 2008.10.11 | Backdoor.Hupigon.djlq |
| ClamAV | 0.93.1 | 2008.10.12 | - |
| DrWeb | 4.44.0.09170 | 2008.10.12 | - |
| eSafe | 7.0.17.0 | 2008.10.08 | - |
| eTrust-Vet | 31.6.6141 | 2008.10.10 | - |
| Ewido | 4.0 | 2008.10.12 | - |
| F-Prot | 4.4.4.56 | 2008.10.11 | W32/Backdoor2.CQMQ |
| F-Secure | 8.0.14332.0 | 2008.10.12 | Backdoor.Win32.Hupigon.djlq |
| Fortinet | 3.113.0.0 | 2008.10.12 | W32/Hupigon.DJLQ!tr.bdr |
| GData | 19 | 2008.10.12 | Win32:Trojan-gen {Other} |
| Ikarus | T3.1.1.34.0 | 2008.10.12 | Backdoor.Win32.Hupigon.djlq |
| K7AntiVirus | 7.10.491 | 2008.10.11 | Backdoor.Win32.Hupigon.djlq |
| Kaspersky | 7.0.0.125 | 2008.10.12 | Backdoor.Win32.Hupigon.djlq |
| McAfee | 5403 | 2008.10.11 | Generic BackDoor |
| Microsoft | 1.4005 | 2008.10.12 | - |
| NOD32 | 3515 | 2008.10.11 | probably a variant of Win32/Hupigon |
| Norman | 5.80.02 | 2008.10.10 | W32/Hupigon.DXUO |
| Panda | 9.0.0.4 | 2008.10.12 | - |
| PCTools | 4.4.2.0 | 2008.10.11 | - |
| Prevx1 | V2 | 2008.10.12 | - |
| Rising | 20.65.42.00 | 2008.10.10 | - |
| SecureWeb-Gateway | 6.7.6 | 2008.10.11 | Trojan.Backdoor.Hupigon.djlq |
| Sophos | 4.34.0 | 2008.10.12 | Mal/Generic-A |
| Sunbelt | 3.1.1716.1 | 2008.10.12 | - |
| Symantec | 10 | 2008.10.12 | - |
| TheHacker | 6.3.1.0.108 | 2008.10.11 | - |
| TrendMicro | 8.700.0.1004 | 2008.10.10 | - |
| VBA32 | 3.12.8.6 | 2008.10.12 | Backdoor.Win32.Hupigon.djlq |
| ViRobot | 2008.10.10.1416 | 2008.10.10 | - |
| VirusBuster | 4.5.11.0 | 2008.10.11 | - |
| Additional information |
|---|
| File size: 86016 bytes |
| MD5...: 087b48716318b5d3bbccac930e28b145 |
| SHA1..: 85f9725adee1dfe8989615499cbcac71a5e7b8f3 |
| SHA256: 26705419c145bd9ebde3bbdb5fa2bc55b18417985465c81d7a1ad4a673c67b55 |
| SHA512: bf5c6032f83e9150cdfc383a644700213ecacbd6e21817e27fc245a978e7e72b 105da08c4838aad41caa89e71772c98a99826408bd644f6e966b30a6dff5bb64 |
| PEiD..: - |
| TrID..: File type identification Win32 Executable Generic (68.0%) Generic Win/DOS Executable (15.9%) DOS Executable Generic (15.9%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%) |
| PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x59812aa4 timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992) machinetype.......: 0x14c (I386) ( 6 sections ) name viradd virsiz rawdsiz ntrpy md5 CODE 0x1000 0x11ad0 0x11c00 6.54 06761f97ae2a73d446a86dcb37e4ed9e DATA 0x13000 0xc8c 0xe00 4.96 aa6e1d4f281f18b5ed5d092baa0be86b BSS 0x14000 0x7bd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e .idata 0x15000 0x9d8 0xa00 4.71 e5f012632ce9631bdca71e1cc6f48dfe .reloc 0x16000 0xd18 0xe00 6.58 3436ae155decdc34f74d638e387f7a1f .rsrc 0x17000 0xa00 0xa00 3.57 a287fb41f9acd3674028b6221774450c ( 9 imports ) > kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetCurrentThreadId, GetStartupInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle > user32.dll: GetKeyboardType, MessageBoxA > advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey > oleaut32.dll: SysFreeString, SysReAllocStringLen > kernel32.dll: TlsSetValue, TlsGetValue, TlsFree, TlsAlloc, LocalFree, LocalAlloc > advapi32.dll: SetSecurityDescriptorDacl, OpenProcessToken, LookupPrivilegeValueA, InitializeSecurityDescriptor, GetTokenInformation, GetLengthSid, AdjustTokenPrivileges > kernel32.dll: lstrlenW, WaitForSingleObject, WaitForMultipleObjects, VirtualQuery, VirtualProtect, VirtualFree, VirtualAlloc, UnmapViewOfFile, Sleep, SetThreadPriority, SetLastError, SetEvent, ReleaseMutex, OpenProcess, OpenMutexW, OpenMutexA, OpenFileMappingW, OpenFileMappingA, OpenEventA, MapViewOfFile, LocalFree, LocalAlloc, LoadLibraryExA, LoadLibraryW, LoadLibraryA, LeaveCriticalSection, IsBadReadPtr, InitializeCriticalSection, GetVersionExW, GetVersionExA, GetVersion, GetThreadContext, GetProcAddress, GetModuleHandleW, GetModuleHandleA, GetModuleFileNameW, GetModuleFileNameA, GetLastError, GetCurrentThreadId, GetCurrentThread, GetCurrentProcessId, GetCurrentProcess, FreeLibrary, FormatMessageA, EnterCriticalSection, DuplicateHandle, DeleteCriticalSection, CreateMutexW, CreateMutexA, CreateFileMappingW, CreateFileMappingA, CreateFileA, CreateEventA, CloseHandle > user32.dll: OpenInputDesktop, MessageBoxA, GetUserObjectInformationA, GetThreadDesktop, CloseDesktop > advapi32.dll: GetKernelObjectSecurity ( 0 exports ) |
ATTENTION:
VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
