× Cookies are disabled! This site requires cookies to be enabled to work properly
VirusTotal
SHA256: 47b8db81218cdb7469486b7727b689db061369dc3622e12dff404be98aadc924
SHA1: 7f2779ece8a3471393d828b61992bcf148ef9702
MD5: 746f911c631411f611308eaafb6c353d
File size: 48.5 KB ( 49664 bytes )
File name: 746f911c631411f611308eaafb6c353d
File type: Win32 EXE
Tags: peexe mz
Detection ratio: 32 / 42
Analysis date: 2012-10-17 13:30:57 UTC ( 1 日, 3 時間 ago )
More details
Antivirus Result Update
MicroWorld-eScan Trojan.Agent.AXAG 20121017
nProtect Trojan/W32.Agent.49664.LY 20121017
CAT-QuickHeal Trojan.Fakemess 20121017
McAfee BackDoor-FIT 20121017
K7AntiVirus Riskware 20121016
TheHacker - 20121016
F-Prot - 20121017
Symantec Backdoor.Rabasheeta 20121017
Norman W32/Agent.AJQBO 20121017
TotalDefense Win32/Rabasheeta.A 20121017
TrendMicro-HouseCall BKDR_SYSIE.A 20121017
Avast Win32:Malware-gen 20121017
eSafe Win32.Trojan 20121017
ClamAV - 20121017
Kaspersky Backdoor.MSIL.Agent.gza 20121017
BitDefender Trojan.Agent.AXAG 20121017
Agnitum - 20121016
ViRobot Backdoor.Win32.S.Agent.49664.AO 20121017
ByteHero - 20121017
Comodo TrojWare.Win32.Trojan.Generic 20121017
F-Secure Trojan.Agent.AXAG 20121017
DrWeb BackDoor.Rabasheeta.1 20121017
VIPRE Trojan.Win32.Generic!BT 20121017
AntiVir BDS/Rabasheeta.A 20121017
TrendMicro BKDR_SYSIE.A 20121017
McAfee-GW-Edition BackDoor-FIT 20121017
Sophos Mal/Rabashe-A 20121017
Jiangmin Backdoor/Agent.dpjd 20121017
Antiy-AVL - 20121017
Kingsoft Win32.Hack.MSIL.(kcloud) 20121008
Microsoft Backdoor:Win32/Rabasheeta.A 20121017
SUPERAntiSpyware - 20121017
GData Trojan.Agent.AXAG 20121017
Commtouch - 20121017
AhnLab-V3 Win-Trojan/Rabasheeta.49664 20121017
VBA32 - 20121016
ESET-NOD32 MSIL/Rabasheeta.A 20121017
Rising - 20121017
Ikarus Trojan-Spy 20121017
Fortinet W32/Sysie.A!tr 20121017
AVG BackDoor.Agent.ASDF 20121017
Panda Bck/Rabasheeta.A 20121017
No comments
More comments

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

Sign in Join the community
No votes
More votes
ssdeep
768:s3Lre4d/XIyNngB+pWbEfMqFuVc3X0HiMXh3wIk84SmNHbY1:wTd/XPNgB+p8qFuVc3X0FXJwIk8/iY1
TrID
Generic CIL Executable (.NET, Mono, etc.) (68.8%)
Windows Screen Saver (12.3%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
ExifTool
UninitializedDataSize....: 0
InitializedDataSize......: 2048
ImageVersion.............: 0.0
ProductName..............: iesys
FileVersionNumber........: 1.0.0.0
LanguageCode.............: Neutral
FileFlagsMask............: 0x003f
FileDescription..........: iesys
CharacterSet.............: Unicode
LinkerVersion............: 8.0
FileOS...................: Win32
MIMEType.................: application/octet-stream
Subsystem................: Windows GUI
FileVersion..............: 1.0.0.0
TimeStamp................: 2012:07:31 10:31:44+01:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: iesys.exe
ProductVersion...........: 1.0.0.0
SubsystemVersion.........: 4.0
OSVersion................: 4.0
OriginalFilename.........: iesys.exe
LegalCopyright...........: Copyright    Hewlett-Packard Company 2012
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: Hewlett-Packard Company
CodeSize.................: 47104
FileSubtype..............: 0
ProductVersionNumber.....: 1.0.0.0
EntryPoint...............: 0xd6de
ObjectFileType...........: Executable application
AssemblyVersion..........: 1.0.0.0
Sigcheck
publisher................: Hewlett-Packard Company
product..................: iesys
internal name............: iesys.exe
copyright................: Copyright (c) Hewlett-Packard Company 2012
original name............: iesys.exe
file version.............: 1.0.0.0
description..............: iesys
Portable Executable structural information
Compilation timedatestamp.....: 2012-07-31 09:31:44
Target machine................: 0x14C (Intel 386 or later processors and compatible processors)
Entry point address...........: 0x0000D6DE

PE Sections...................:

Name        Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text                  8192         46820     47104     5.83  31f7d018c502af51577202e19522b11c
.rsrc                 57344          1440      1536     4.06  4ad86e20aeeeeedf150b24ad34aeab65
.reloc                65536            12       512     0.08  a18e3cfc79248648d5f641e58bfc2fc0

PE Imports....................:

[[mscoree.dll]]
_CorExeMain

PE Resources..................:

Resource type            Number of resources
RT_MANIFEST              1
RT_VERSION               1

Resource language        Number of resources
NEUTRAL                  2
Symantec Reputation
Suspicious.Insight
F-Secure Deepguard
Suspicious:W32/Malware!Online
First seen by VirusTotal
2012-09-07 10:00:55 UTC ( 1 ヶ月, 1 週間 ago )
Last seen by VirusTotal
2012-10-17 13:30:57 UTC ( 1 日, 3 時間 ago )
File names (max. 25)
  1. iesys.exe
  2. iesys.exex
  3. 47b8db81218cdb7469486b7727b689db061369dc3622e12dff404be98aadc924.txt
  4. 47b8db81218cdb7469486b7727b689db061369dc3622e12dff404be98aadc924
  5. vti-rescan
  6. 746f911c631411f611308eaafb6c
  7. file-4624730_
  8. 746f911c631411f611308eaafb6c353d
Blog | Twitter | | Google groups | ToS | Privacy policy