Hi
Found file and sent to virustotal
File Spenser.exe received on 04.15.2009 03:33:37 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Antivirus Version Last Update Result
a-squared 4.0.0.101 2009.04.15 -
AhnLab-V3 5.0.0.2 2009.04.14 -
AntiVir 7.9.0.143 2009.04.14 TR/VB.hho
Antiy-AVL 2.0.3.1 2009.04.14 -
Authentium 5.1.2.4 2009.04.14 -
Avast 4.8.1335.0 2009.04.14 -
AVG 8.5.0.285 2009.04.14 Worm/VB.FHW
BitDefender 7.2 2009.04.15 -
CAT-QuickHeal 10.00 2009.04.14 -
ClamAV 0.94.1 2009.04.15 -
Comodo 1113 2009.04.14 -
DrWeb 4.44.0.09170 2009.04.15 -
eSafe 7.0.17.0 2009.04.13 -
eTrust-Vet 31.6.6455 2009.04.14 Win32/VMalum.FDQR
F-Prot 4.4.4.56 2009.04.14 -
F-Secure 8.0.14470.0 2009.04.15 -
Fortinet 3.117.0.0 2009.04.15 W32/Agent.JMS!tr
GData 19 2009.04.15 -
Ikarus T3.1.1.49.0 2009.04.15 -
K7AntiVirus 7.10.703 2009.04.14 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2009.04.15 -
McAfee 5584 2009.04.14 -
McAfee+Artemis 5584 2009.04.14 -
McAfee-GW-Edition 6.7.6 2009.04.14 Trojan.VB.hho
Microsoft 1.4502 2009.04.14 -
NOD32 4008 2009.04.15 -
Norman 6.00.06 2009.04.14 -
nProtect 2009.1.8.0 2009.04.15 -
Panda 10.0.0.14 2009.04.14 -
PCTools 4.4.2.0 2009.04.14 -
Prevx1 V2 2009.04.15 -
Rising 21.25.14.00 2009.04.14 -
Sophos 4.40.0 2009.04.15 Troj/Agent-JMS
Sunbelt 3.2.1858.2 2009.04.15 -
Symantec 1.4.4.12 2009.04.15 -
TheHacker 6.3.4.0.308 2009.04.14 -
TrendMicro 8.700.0.1004 2009.04.14 -
ViRobot 2009.4.14.1692 2009.04.14 -
VirusBuster 4.6.5.0 2009.04.14 -
Additional information
File size: 741419 bytes
MD5...: 20c7d5e00d86b0004097af8ae6460490
SHA1..: 07423c1b11b51acda530a9d0f22c3deb6473f066
SHA256: c1ad04b9d64c8726eb373b0a53cda278114e15e91371c0352d9420f9ed07220d
SHA512: 3ff807f47c858e701f033c7068a4cd7c99bba0089bff578e8495333ba74fa69d
7a699a898c03f14ff75f0903acd6bc94306af9375f9fa28fd9525d820eb8da46
ssdeep: 6144:A0tukSS3LTYlINf/vMC5sMe1sI0Kp3UqtbFYmGiXCcGuF4p13bY:akSSbTY
lINf/vPqsIVpEqtbFY3p1rY
PEiD..: -
TrID..: File type identification
Win32 Executable Microsoft Visual Basic 6 (90.9%)
Win32 Executable Generic (6.1%)
Generic Win/DOS Executable (1.4%)
DOS Executable Generic (1.4%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x46dc
timedatestamp.....: 0x491cf001 (Fri Nov 14 03:26:57 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xa0890 0xa1000 4.57 ade0041c25428c2476bca85fca677461
.data 0xa2000 0x5fa8 0x1000 0.00 620f0b67a91f7f74151bc5be745b7110
.rsrc 0xa8000 0x113c8 0x12000 4.38 40f2b818c23a59a4ac3f7162583e0d95
( 1 imports )
> MSVBVM60.DLL: __vbaVarSub, __vbaVarTstGt, -, __vbaStrI2, _CIcos, _adj_fptan, __vbaVarMove, __vbaStrI4, __vbaVarVargNofree, __vbaFreeVar, __vbaStrVarMove, __vbaLenBstr, __vbaLineInputStr, __vbaEnd, __vbaFreeVarList, _adj_fdiv_m64, __vbaNextEachVar, __vbaFreeObjList, _adj_fprem1, -, __vbaRecAnsiToUni, __vbaCopyBytes, __vbaStrCat, __vbaVarCmpNe, __vbaLsetFixstr, __vbaSetSystemError, __vbaHresultCheckObj, __vbaLenVar, _adj_fdiv_m32, __vbaAryDestruct, __vbaOnError, __vbaObjSet, -, _adj_fdiv_m16i, __vbaObjSetAddref, _adj_fdivr_m16i, -, -, -, __vbaFpR8, __vbaVarTstLt, __vbaBoolVarNull, _CIsin, -, __vbaChkstk, __vbaFileClose, EVENT_SINK_AddRef, -, __vbaGenerateBoundsError, -, __vbaStrCmp, __vbaVarTstEq, __vbaObjVar, __vbaI2I4, DllFunctionCall, __vbaVarLateMemSt, __vbaVarOr, _adj_fpatan, __vbaR4Var, __vbaLateIdCallLd, __vbaRedim, __vbaStrR8, __vbaRecUniToAnsi, EVENT_SINK_Release, _CIsqrt, __vbaVarAnd, EVENT_SINK_QueryInterface, __vbaExceptHandler, __vbaStrToUnicode, _adj_fprem, _adj_fdivr_m64, -, -, -, -, __vbaFPException, __vbaStrVarVal, -, __vbaVarCat, __vbaI2Var, -, -, _CIlog, __vbaErrorOverflow, __vbaFileOpen, __vbaR8Str, -, __vbaNew2, -, _adj_fdiv_m32i, _adj_fdivr_m32i, __vbaI4Str, __vbaVarNot, __vbaVarCmpLt, __vbaFreeStrList, -, _adj_fdivr_m32, _adj_fdiv_r, -, -, -, __vbaVarTstNe, __vbaVarSetVar, __vbaI4Var, -, __vbaVarCmpEq, __vbaAryLock, __vbaLateMemCall, __vbaVarAdd, __vbaVarDup, __vbaStrToAnsi, __vbaFpI2, -, __vbaVarCopy, __vbaFpI4, __vbaVarLateMemCallLd, -, _CIatan, __vbaStrMove, -, __vbaForEachVar, -, _allmul, _CItan, __vbaAryUnlock, _CIexp, -, __vbaFreeObj, __vbaFreeStr, -
( 0 exports )
RDS...: NSRL Reference Data Set
-
ThreatExpert info: <a href='
http://www.threatexpert.com/report.aspx?md5=20c7d5e00d86b0004097af8ae6460490' target='_blank'>
http://www.threatexpert.com/report.aspx?md5=20c7d5e00d86b0004097af8ae6460490</a>
Thanks