Παρόλα αυτά στο VirusTotal βγαίνει καθαρό εκτός από το:
Κώδικας: Επιλογή όλων
Symantec 20101.1.0.89 2010.06.18 Suspicious.Emit
Κώδικας: Επιλογή όλων
Additional information
File size: 30720 bytes
MD5...: 97c9d368d8a479c36ebdff61800f9808
SHA1..: 7e36e5bc2c6d07a0b6fcb0140f16d3454bd0d59f
SHA256: 0269242c6ea245c27b8eb99a8f03b85b70335b9a63efb7c7ca70ac42f8151f08
ssdeep: 768:ENn51quMH5O4iT3JwrrsKsUmnDF6ZIKJHAPbsjU:ED4Ru0cnKJgPAj
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x7108
timedatestamp.....: 0x4b354a22 (Fri Dec 25 23:26:26 2009)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.rsrc 0x2000 0x4f8 0x600 3.77 b6102343a443fc01b22609cca07a21e7
.text 0x4000 0x6df8 0x6e00 6.19 7f2f43137f686be0b2c615bb2841da97
.reloc 0xc000 0xc 0x200 0.10 5091bb6c6e3cb0589da2c2ce7d061b61
( 1 imports )
> mscoree.dll: _CorExeMain
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (58.3%)
Win16/32 Executable Delphi generic (14.1%)
Generic Win/DOS Executable (13.7%)
DOS Executable Generic (13.6%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: Copyright (c) 2009
product......: n/a
description..:
original name: svhost.exe
internal name: svhost.exe
file version.: 1.0.0.0
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned