heii leute ich gebe euch mein hack viel spass damit
screen:
[Sie müssen registriert oder eingeloggt sein, um diesen Link sehen zu können] download:
[Sie müssen registriert oder eingeloggt sein, um diesen Link sehen zu können] virustotal:
VT Community Sign in ▼ My account ▼ Sign out Signing out... Languages ▼
VirusTotal's website has changed, we need new translations, do you feel like helping the community?
[Sie müssen registriert oder eingeloggt sein, um diesen Link sehen zu können] in to VT Community
Safety ratings and user comments (disinfection, in-the-wild locations, reverse engineering reports, etc.) on malware and URLs, free and easy.
email
password
Keep me logged in
Sign in
Signing in, please wait...
Login failed, please try again
Forgot your password? Create an account
Edit my profile
View my profile
Inbox
Virustotal is a service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware.
File name: Weeched Public D3D v1.3.dll
Submission date: 2010-12-21 14:27:34 (UTC)
Current status: finished
Result: 2 /43 (4.7%)
VT Community
not reviewed
Safety score: -
Compact Print results
There is a more up-to-date report (4/43) for this file.
Antivirus Version Last Update Result
AhnLab-V3 2010.12.21.03 2010.12.21 -
AntiVir 7.11.0.117 2010.12.21 -
Antiy-AVL 2.0.3.7 2010.12.21 -
Avast 4.8.1351.0 2010.12.21 -
Avast5 5.0.677.0 2010.12.21 -
AVG 9.0.0.851 2010.12.21 -
BitDefender 7.2 2010.12.21 -
CAT-QuickHeal 11.00 2010.12.21 -
ClamAV 0.96.4.0 2010.12.21 -
Command 5.2.11.5 2010.12.21 -
Comodo 7137 2010.12.21 -
DrWeb 5.0.2.03300 2010.12.21 -
Emsisoft 5.1.0.1 2010.12.21 Trojan.Win32.Vapsup!IK
eSafe 7.0.17.0 2010.12.21 -
eTrust-Vet 36.1.8052 2010.12.21 -
F-Prot 4.6.2.117 2010.12.20 -
F-Secure 9.0.16160.0 2010.12.21 -
Fortinet 4.2.254.0 2010.12.21 -
GData 21 2010.12.21 -
Ikarus T3.1.1.90.0 2010.12.21 Trojan.Win32.Vapsup
Jiangmin 13.0.900 2010.12.21 -
K7AntiVirus 9.73.3296 2010.12.20 -
Kaspersky 7.0.0.125 2010.12.21 -
McAfee 5.400.0.1158 2010.12.21 -
McAfee-GW-Edition 2010.1C 2010.12.21 -
Microsoft 1.6402 2010.12.21 -
NOD32 5721 2010.12.21 -
Norman 6.06.12 2010.12.21 -
nProtect 2010-12-21.01 2010.12.21 -
Panda 10.0.2.7 2010.12.21 -
PCTools 7.0.3.5 2010.12.21 -
Prevx 3.0 2010.12.21 -
Rising 22.79.00.04 2010.12.21 -
Sophos 4.60.0 2010.12.21 -
SUPERAntiSpyware 4.40.0.1006 2010.12.21 -
Symantec 20101.3.0.103 2010.12.21 -
TheHacker 6.7.0.1.104 2010.12.21 -
TrendMicro 9.120.0.1004 2010.12.21 -
TrendMicro-HouseCall 9.120.0.1004 2010.12.21 -
VBA32 3.12.14.2 2010.12.20 -
VIPRE 7745 2010.12.21 -
ViRobot 2010.12.20.4210 2010.12.21 -
VirusBuster 13.6.105.1 2010.12.21 -
Additional informationShow all
MD5 : f00abc60b3b0d4fc2e397dd7974d38f5
SHA1 : f73a7772534a37d2d0d580aa04fd347b67e0c70b
SHA256: 278e280cf9a9045170762200bfb842e958db01bf117cb62649ed5894f2eceee8
ssdeep: 6144:GHTUY9WLXj//debJEEsZQeeaQeexNQeesQeewWQeehQeeMgfl4VJGzeWPMbs1:GHTUYUzL
tVfbtP
File size : 255488 bytes
First seen: 2010-12-21 14:27:34
Last seen : 2010-12-28 14:26:28
Magic: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit
TrID:
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD: -
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x1E837
timedatestamp....: 0x4D10B919 (Tue Dec 21 14:26:33 2010)
machinetype......: 0x14C (Intel I386)
[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x1DEAB, 0x1E000, 6.65, dc56891b13f2e2c00e56166a1f3760fc
.rdata, 0x1F000, 0x108EA, 0x10A00, 4.62, 064fe5f6b747ca30c32aed7887405e2f
.data, 0x30000, 0xC9E8, 0xA200, 4.31, 58141abd33dcb0671b3134e75baaa80b
.rsrc, 0x3D000, 0x2B0, 0x400, 5.2, 943d65b695e268ec9e84686a2ecdf4bb
.reloc, 0x3E000, 0x50F6, 0x5200, 3.19, b200b492eb827e327605015acef9acf6
[[ 7 import(s) ]]
advapi32.dll: RegQueryValueExA, RegOpenKeyA, RegCloseKey
d3d9.dll: Direct3DCreate9
gdi32.dll: GetGlyphOutlineA, DeleteObject, GetTextMetricsA, GetObjectW, DeleteDC, CreateDIBSection, ExtTextOutW, MoveToEx, ExtTextOutA, CreateCompatibleDC, SetMapMode, SetTextAlign, CreateFontIndirectW, CreateFontIndirectA, GetFontLanguageInfo, GetTextMetricsW, SetBkMode, SetBkColor, SetTextColor, GetCharacterPlacementW, GetCharacterPlacementA, SelectObject, GetObjectA
kernel32.dll: Sleep, GetModuleHandleA, ExitProcess, VirtualAlloc, CreateThread, GetSystemTimeAsFileTime, GetCurrentProcessId, GetCurrentThreadId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, InterlockedCompareExchange, InterlockedExchange, IsProcessorFeaturePresent, GetSystemInfo, OutputDebugStringA, GetProcAddress, LoadLibraryA, WideCharToMultiByte, MultiByteToWideChar, GetVersionExA, VirtualProtect
msvcr90.dll: _encode_pointer, _malloc_crt, _encoded_null, _decode_pointer, _initterm, _amsg_exit, _adjust_fdiv, __CppXcptFilter, _crt_debugger_hook, __clean_type_info_names_internal, _unlock, __dllonexit, _lock, _onexit, _except_handler4_common, free, __CxxFrameHandler, _finite, _CIacos, iswspace, iswalpha, iswdigit, iswpunct, strncpy, _ftol, __3@YAXPAX@Z, __2@YAPAXI@Z, memset, memcpy, malloc, sprintf, _initterm_e
shell32.dll: ShellExecuteA
user32.dll: SetRect, CreateWindowExA, ShowWindow, DestroyWindow, GetSystemMetrics, GetAsyncKeyState
ExifTool:
file metadata
CodeSize: 122880
EntryPoint: 0x1e837
FileSize: 250 kB
FileType: Win32 DLL
ImageVersion: 0.0
InitializedDataSize: 131584
LinkerVersion: 9.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 5.0
PEType: PE32
Subsystem: Windows GUI
SubsystemVersion: 5.0
TimeStamp: 2010:12:21 15:26:33+01:00
UninitializedDataSize: 0
Symantec reputation:Suspicious.Insight
VT Community
0
This file has never been reviewed by any VT Community member. Be the first one to comment on it!
VirusTotal Team
Add your comment... Remember that when you write comments as an anonymous user they receive the lowest possible reputation. So if you have not signed in yet don't forget to do so. How to markup your comments?
You can add basic styles to your comments using the following accepted bbcode tags:
text -- bold
text -- italics
text -- underline
[s]text[/s] -- strikethrough
- Code:
-
text
- preformatted text
You can also address comments to particular users using the "@" twitter-like mode. By prepending a "#" symbol to a word you can add custom tags to your comment, tags that can then be searched for.
Goodware Malware Spam attachment/link
P2P download Propagating via IM Network worm
Drive-by-download
Anonymous limit exceeded: anonymous users can only make one comment per file or URL, either sign in or register in order to continue making reviews on this item. Note that anonymous user discrimination is based on IP addresses, hence, it may be possible that another user behind your same proxy or NAT connection already made a review.
Preview commentEdit comment Post comment Posting comment...
Comment successfully posted
ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
musste leider so machen geht nicht anders [/b][i][u]
So Dez 11, 2011 6:49 pm von dimax3
![[Admin]Handplayer](https://2img.net/u/2811/18/20/64/avatars/1-43.png)
.