| עברית | | Slovenščina | Dansk | Русский | Română | Türkçe | Nederlands | Ελληνικά | Français | Svenska | Português | Italiano | | | Magyar | Deutsch | Česky | Polski | Español
Virus Total

Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...

File gdihook.dll received on 10.12.2008 12:52:31 (CET)
Current status: finished
Result: 18/36 (50.00%)
Antivirus Version Last Update Result
AhnLab-V3 2008.10.10.1 2008.10.10 -
AntiVir 7.8.1.34 2008.10.11 BDS/Hupigon.djlq
Authentium 5.1.0.4 2008.10.11 W32/Backdoor2.CQMQ
Avast 4.8.1248.0 2008.10.11 Win32:Trojan-gen {Other}
AVG 8.0.0.161 2008.10.11 BackDoor.Hupigon4.ADUA
BitDefender 7.2 2008.10.12 -
CAT-QuickHeal 9.50 2008.10.11 Backdoor.Hupigon.djlq
ClamAV 0.93.1 2008.10.12 -
DrWeb 4.44.0.09170 2008.10.12 -
eSafe 7.0.17.0 2008.10.08 -
eTrust-Vet 31.6.6141 2008.10.10 -
Ewido 4.0 2008.10.12 -
F-Prot 4.4.4.56 2008.10.11 W32/Backdoor2.CQMQ
F-Secure 8.0.14332.0 2008.10.12 Backdoor.Win32.Hupigon.djlq
Fortinet 3.113.0.0 2008.10.12 W32/Hupigon.DJLQ!tr.bdr
GData 19 2008.10.12 Win32:Trojan-gen {Other}
Ikarus T3.1.1.34.0 2008.10.12 Backdoor.Win32.Hupigon.djlq
K7AntiVirus 7.10.491 2008.10.11 Backdoor.Win32.Hupigon.djlq
Kaspersky 7.0.0.125 2008.10.12 Backdoor.Win32.Hupigon.djlq
McAfee 5403 2008.10.11 Generic BackDoor
Microsoft 1.4005 2008.10.12 -
NOD32 3515 2008.10.11 probably a variant of Win32/Hupigon
Norman 5.80.02 2008.10.10 W32/Hupigon.DXUO
Panda 9.0.0.4 2008.10.12 -
PCTools 4.4.2.0 2008.10.11 -
Prevx1 V2 2008.10.12 -
Rising 20.65.42.00 2008.10.10 -
SecureWeb-Gateway 6.7.6 2008.10.11 Trojan.Backdoor.Hupigon.djlq
Sophos 4.34.0 2008.10.12 Mal/Generic-A
Sunbelt 3.1.1716.1 2008.10.12 -
Symantec 10 2008.10.12 -
TheHacker 6.3.1.0.108 2008.10.11 -
TrendMicro 8.700.0.1004 2008.10.10 -
VBA32 3.12.8.6 2008.10.12 Backdoor.Win32.Hupigon.djlq
ViRobot 2008.10.10.1416 2008.10.10 -
VirusBuster 4.5.11.0 2008.10.11 -
Additional information
File size: 86016 bytes
MD5...: 087b48716318b5d3bbccac930e28b145
SHA1..: 85f9725adee1dfe8989615499cbcac71a5e7b8f3
SHA256: 26705419c145bd9ebde3bbdb5fa2bc55b18417985465c81d7a1ad4a673c67b55
SHA512: bf5c6032f83e9150cdfc383a644700213ecacbd6e21817e27fc245a978e7e72b
105da08c4838aad41caa89e71772c98a99826408bd644f6e966b30a6dff5bb64
PEiD..: -
TrID..: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x59812aa4
timedatestamp.....: 0x2a425e19 (Fri Jun 19 22:22:17 1992)
machinetype.......: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
CODE 0x1000 0x11ad0 0x11c00 6.54 06761f97ae2a73d446a86dcb37e4ed9e
DATA 0x13000 0xc8c 0xe00 4.96 aa6e1d4f281f18b5ed5d092baa0be86b
BSS 0x14000 0x7bd 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.idata 0x15000 0x9d8 0xa00 4.71 e5f012632ce9631bdca71e1cc6f48dfe
.reloc 0x16000 0xd18 0xe00 6.58 3436ae155decdc34f74d638e387f7a1f
.rsrc 0x17000 0xa00 0xa00 3.57 a287fb41f9acd3674028b6221774450c

( 9 imports )
> kernel32.dll: DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetCurrentThreadId, GetStartupInfoA, GetCommandLineA, FreeLibrary, ExitProcess, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle
> user32.dll: GetKeyboardType, MessageBoxA
> advapi32.dll: RegQueryValueExA, RegOpenKeyExA, RegCloseKey
> oleaut32.dll: SysFreeString, SysReAllocStringLen
> kernel32.dll: TlsSetValue, TlsGetValue, TlsFree, TlsAlloc, LocalFree, LocalAlloc
> advapi32.dll: SetSecurityDescriptorDacl, OpenProcessToken, LookupPrivilegeValueA, InitializeSecurityDescriptor, GetTokenInformation, GetLengthSid, AdjustTokenPrivileges
> kernel32.dll: lstrlenW, WaitForSingleObject, WaitForMultipleObjects, VirtualQuery, VirtualProtect, VirtualFree, VirtualAlloc, UnmapViewOfFile, Sleep, SetThreadPriority, SetLastError, SetEvent, ReleaseMutex, OpenProcess, OpenMutexW, OpenMutexA, OpenFileMappingW, OpenFileMappingA, OpenEventA, MapViewOfFile, LocalFree, LocalAlloc, LoadLibraryExA, LoadLibraryW, LoadLibraryA, LeaveCriticalSection, IsBadReadPtr, InitializeCriticalSection, GetVersionExW, GetVersionExA, GetVersion, GetThreadContext, GetProcAddress, GetModuleHandleW, GetModuleHandleA, GetModuleFileNameW, GetModuleFileNameA, GetLastError, GetCurrentThreadId, GetCurrentThread, GetCurrentProcessId, GetCurrentProcess, FreeLibrary, FormatMessageA, EnterCriticalSection, DuplicateHandle, DeleteCriticalSection, CreateMutexW, CreateMutexA, CreateFileMappingW, CreateFileMappingA, CreateFileA, CreateEventA, CloseHandle
> user32.dll: OpenInputDesktop, MessageBoxA, GetUserObjectInformationA, GetThreadDesktop, CloseDesktop
> advapi32.dll: GetKernelObjectSecurity

( 0 exports )

ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

Scan another file