Download Link: hxxp://freshline.aero/media/vsv.exe
File Name: vsv.exe
Size: 2184192
MD5: 146b768b07ffe58d8f2e5c786a3b0734
SHA1: 8dffd6e42e69ca523273dcab95631ccb2dffe315
SHA256: a48a562a31c690097dbc9d318feaf6868d22e7a06ce5e2ccde4782a457233e52

VirsuTotal Result: 7/30 (23.33%)
Scanned on 05.11.2008 04:39:03 (CET)
Avast - - Win32:KillFiles-073
AVG - - SHeur.BEPK
DrWeb - - BACKDOOR.Trojan
Ikarus - - Trojan-Spy.Win32.Banker.bbh
Kaspersky - - Trojan-Dropper.Win32.Agent.rep
VBA32 - - suspected of Embedded.Trojan.Win32.KillFiles.pd
Webwasher-Gateway - - Virus.Win32.FileInfector.gen!92 (suspicious)

***** Resources ****************************************************
--- SYS ------------------------------------------------------------
DRIVER
--- Cursor ---------------------------------------------------------
1
2
3
4
5
6
7
--- Bitmap ---------------------------------------------------------
BBABORT
BBALL
BBCANCEL
BBCLOSE
BBHELP
BBIGNORE
BBNO
BBOK
BBRETRY
BBYES
PREVIEWGLYPH
--- Icon -----------------------------------------------------------
1
2
3
4
5
6
7
8
9
--- Dialog ---------------------------------------------------------
DLGTEMPLATE
--- String Table ---------------------------------------------------
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
--- RCData ---------------------------------------------------------
DVCLAL
PACKAGEINFO
TFORM1
TFORMBO
TFORMC
TFORMC2
TFORMERROR
TFORMI
TFORMI2
TFORMI3
TFORMM1
TFORMM2
TFORMM3
TFORMN1
TFORMN2
TFORMN3
TFORMP
TFORMRAT
TFORMRAT2
TFORMRO
TFORMRO1
TFORMRO2
TFORMSB
TFORMSB2
TX
--- Cursor Group ---------------------------------------------------
32761
32762
32763
32764
32765
32766
32767
--- Icon Group -----------------------------------------------------
MAINICON
--- XP Manifest ----------------------------------------------------
1


***** PE Header ****************************************************
Signature: 00004550
Machine: 014C - Intel 386
Number of sections: 000A
Time/Date stamp: 2A425E19
Pointer to symbol table: 00000000
Number of symbols: 00000000
Size of optional header: 00E0
Characteristics: 818E
Magic: 010B
Linker version (major): 02
Linker version (minor): 19
Size of code: 00209600
Size of initialized data: 01762600
Size of uninitialized data: 00000000
Address of entry point: 0182D000
Base of code: 0182D000
Base of data: 0182D080
Image base: 00400000
Section alignment: 00001000
File alignment: 00000200
OS version (major): 0004
OS version (minor): 0000
Image version (major): 0000
Image version (minor): 0000
Sub system version (major): 0004
Sub system version (minor): 0000
Win32 version: 00000000
Size of image: 01A3C000
Size of headers: 00000400
Checksum: 0021BC63
Sub system: 0002 - Windows graphical user interface (GUI) subsystem
DLL characteristics: 0000
Size of stack reserve: 00100000
Size of stack commit: 00004000
Size of heap reserve: 00100000
Size of heap commit: 00001000
Loader flags: 00000000
Number of RVA: 00000010


***** PE Sections **************************************************
CRC-32: ?
MD5: ?
----- PE Sections --------------------------------------------------
Section VirtSize VirtAddr PhysSize PhysAddr Flags
CODE 000C33B0 00001000 00000000 00000000 E0000020
DATA 000027C0 000C5000 00000000 00000000 C0000040
BSS 00001159 000C8000 00000000 00000000 C0000000
.idata 000027D4 000CA000 00002800 00000400 C0000040
.tls 00000010 000CD000 00000000 00000000 C0000000
.rdata 00000018 000CE000 00000200 00002C00 50000040
.delete 0000E040 000CF000 00000200 00002E00 42000040
.rsrc 0174EE00 000DE000 00008C00 00003000 D0000040
.pklstb 0020D600 0182D000 00209600 0000BC00 E2000020
.relo2 0000004E 01A3B000 00000200 00215200 42000040


***** Import/Export table ******************************************
--- Export table ---------------------------------------------------
--- Import table (libraries: 17) -----------------------------------
kernel32.dll (imports: 36)
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetVersion
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
user32.dll (imports: 4)
GetKeyboardType
LoadStringA
MessageBoxA
CharNextA
advapi32.dll (imports: 3)
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
oleaut32.dll (imports: 3)
SysFreeString
SysReAllocStringLen
SysAllocStringLen
kernel32.dll (imports: 4)
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
advapi32.dll (imports: 6)
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCreateKeyExA
RegCloseKey
kernel32.dll (imports: 82)
lstrcpyA
WriteFile
WinExec
WaitForSingleObject
VirtualQuery
VirtualAlloc
Sleep
SizeofResource
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetTempPathA
GetSystemInfo
GetSystemDirectoryA
GetStringTypeExA
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileSize
GetExitCodeThread
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetComputerNameA
GetCPInfo
GetACP
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FindResourceA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CopyFileA
CompareStringA
CloseHandle
version.dll (imports: 3)
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
gdi32.dll (imports: 71)
UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
Rectangle
RectVisible
RealizePalette
Polyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
LPtoDP
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileDescriptionA
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateEnhMetaFileA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CloseEnhMetaFile
BitBlt
user32.dll (imports: 172)
CreateWindowExA
WindowFromPoint
WinHelpA
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindowAsync
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCursor
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetClassLongA
SetCapture
SetActiveWindow
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageA
OpenClipboard
OffsetRect
OemToCharA
MsgWaitForMultipleObjects
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsChild
IsCharAlphaNumericA
IsCharAlphaA
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessageTime
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowExA
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
CloseClipboard
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout
kernel32.dll (imports: 1)
Sleep
oleaut32.dll (imports:
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit
ole32.dll (imports: 9)
CreateStreamOnHGlobal
IsAccelerator
OleDraw
OleSetMenuDescriptor
CoCreateInstance
CoGetClassObject
CoUninitialize
CoInitialize
IsEqualGUID
oleaut32.dll (imports: 2)
GetErrorInfo
SysFreeString
comctl32.dll (imports: 22)
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
advapi32.dll (imports: 2)
OpenSCManagerA
CreateServiceA
user32.dll (imports: 18)
DdeCmpStringHandles
DdeFreeStringHandle
DdeQueryStringA
DdeCreateStringHandleA
DdeGetLastError
DdeFreeDataHandle
DdeUnaccessData
DdeAccessData
DdeCreateDataHandle
DdeClientTransaction
DdeNameService
DdePostAdvise
DdeSetUserHandle
DdeQueryConvInfo
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeA