× Cookies are disabled! This site requires cookies to be enabled to work properly
VirusTotal
SHA256: 467c9a15a6fc32675d5390e3144f1ee80873a7d798399233c7efa6d990980be7
SHA1: 799b708bee90e93ca291275016ea152ab772e1b0
MD5: 784b38cf29ae7c0cbb168a49266c27c4
File size: 50.0 KB ( 51200 bytes )
File name: iesys.exe
File type: Win32 EXE
Tags: peexe
Detection ratio: 22 / 44
Analysis date: 2012-10-12 23:03:24 UTC ( 6 時間, 36 分 ago )
More details
Antivirus Result Update
MicroWorld-eScan Trojan.Generic.KDV.756494 20121012
nProtect Trojan.Generic.KDV.756494 20121012
CAT-QuickHeal - 20121012
McAfee BackDoor-FIT 20121013
K7AntiVirus Trojan 20121012
TheHacker - 20121009
F-Prot - 20121012
Symantec Backdoor.Rabasheeta 20121013
Norman W32/Suspicious_Gen4.BGBVR 20121012
TotalDefense - 20121012
TrendMicro-HouseCall BKDR_SYSIE.A 20121012
Avast Win32:Trojan-gen 20121013
eSafe - 20121009
ClamAV - 20121012
Kaspersky Backdoor.MSIL.Agent.gzd 20121013
BitDefender Trojan.Generic.KDV.756494 20121012
Agnitum - 20121012
ViRobot - 20121012
ByteHero - 20121009
Emsisoft - 20120919
Comodo - 20121012
F-Secure - 20121003
DrWeb - 20121013
VIPRE Trojan.Win32.Generic!BT 20121013
AntiVir TR/Agent.fle 20121012
TrendMicro BKDR_SYSIE.A 20121012
McAfee-GW-Edition BackDoor-FIT 20121012
Sophos - 20121012
Jiangmin - 20121012
Antiy-AVL - 20121012
Kingsoft - 20121008
Microsoft Backdoor:Win32/Rabasheeta.A 20121012
SUPERAntiSpyware - 20121013
GData Trojan.Generic.KDV.756494 20121012
Commtouch - 20121012
AhnLab-V3 Win-Trojan/Sysie.51200 20121012
VBA32 - 20121012
PCTools Backdoor.Rabasheeta 20121012
ESET-NOD32 a variant of MSIL/Rabasheeta.A 20121012
Rising - 20121012
Ikarus Backdoor.MSIL 20121012
Fortinet W32/BDoor.FIT!tr.bdr 20121013
AVG BackDoor.Agent.ASDG 20121012
Panda - 20121012
No comments
More comments

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

Sign in Join the community
No votes
More votes
ssdeep
1536:O4Y/T6NgYkFNwX2H6qq5qFJVc3XyFXp2Ikb/7h:y6NgYv5qFJVc3XDIkb/7h
TrID
Generic CIL Executable (.NET, Mono, etc.) (68.8%)
Windows Screen Saver (12.3%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
ExifTool
SubsystemVersion.........: 4.0
LinkerVersion............: 8.0
ImageVersion.............: 0.0
FileSubtype..............: 0
FileVersionNumber........: 1.0.0.0
UninitializedDataSize....: 0
LanguageCode.............: Neutral
FileFlagsMask............: 0x003f
CharacterSet.............: Unicode
InitializedDataSize......: 2048
FileOS...................: Win32
MIMEType.................: application/octet-stream
LegalCopyright...........: Copyright    Hewlett-Packard Company 2012
FileVersion..............: 1.0.0.0
TimeStamp................: 2012:08:06 07:16:36+01:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: iesys.exe
ProductVersion...........: 1.0.0.0
FileDescription..........: iesys
OSVersion................: 4.0
OriginalFilename.........: iesys.exe
Subsystem................: Windows GUI
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: Hewlett-Packard Company
CodeSize.................: 48640
ProductName..............: iesys
ProductVersionNumber.....: 1.0.0.0
EntryPoint...............: 0xdd0e
ObjectFileType...........: Executable application
AssemblyVersion..........: 1.0.0.0
Sigcheck
publisher................: Hewlett-Packard Company
product..................: iesys
internal name............: iesys.exe
file version.............: 1.0.0.0
original name............: iesys.exe
copyright................: Copyright (c) Hewlett-Packard Company 2012
description..............: iesys
Portable Executable structural information
Compilation timedatestamp.....: 2012-08-06 06:16:36
Target machine................: 0x14C (Intel 386 or later processors and compatible processors)
Entry point address...........: 0x0000DD0E

PE Sections...................:

Name        Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text                  8192         48404     48640     5.83  68f0aa747f5276db1864e94838e3684e
.rsrc                 57344          1440      1536     4.06  4ad86e20aeeeeedf150b24ad34aeab65
.reloc                65536            12       512     0.08  23f2e568c47aa52042d1950d3183ceb7

PE Imports....................:

[[mscoree.dll]]
_CorExeMain

PE Resources..................:

Resource type            Number of resources
RT_MANIFEST              1
RT_VERSION               1

Resource language        Number of resources
NEUTRAL                  2
F-Secure Deepguard
Suspicious:W32/Malware!Online
First seen by VirusTotal
2012-10-11 01:10:44 UTC ( 2 日, 4 時間 ago )
Last seen by VirusTotal
2012-10-12 23:03:24 UTC ( 6 時間, 36 分 ago )
File names (max. 25)
  1. iesys.exe
  2. 467c9a15a6fc32675d5390e3144f1ee80873a7d798399233c7efa6d990980be7
  3. 784b38cf29ae7c0cbb168a49266c27c4
Blog | Twitter | | Google groups | ToS | Privacy policy