empty.pif

Brontok.A

Product:
Brontok.A

Version:
1.00.0004

MD5:
0237d7ccc9a308dc0b032937477c1ce7

SHA-1:
75f5ec4f5035538b6e091b6d15622bf7b6b6529f

SHA-256:
0e57d29724c32c541099c18ac7c3a0ae3e6ba22706a56b55a3ff3bb85a722fd5

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
4/29/2024 3:26:15 AM UTC

Scan engine | Detection | Engine version
Clam AntiVirus | Win.Worm.Brontok-6 | 0.98/23207
F-Prot | W32/VB.MZ | 4.6.5.141

File size:
136 KB (139,264 bytes)

Product version:
1.00.0004

Original file name:
Brontok.A.HVM31

Language:
English (United States)

Common path:
C:\users\{user}\appdata\roaming\microsoft\windows\start menu\programs\startup\empty.pif

File PE Metadata
Compilation timestamp:
12/9/2009 10:53:06 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x228DC

Entry point:
83, 3C, 24, FE, 77, FE, F5, 90, 8D, 64, 24, CC, 60, 83, EC, DC, 86, DE, E8, 45, 00, 00, 00, F7, D6, B6, 4F, 4B, 81, F7, E8, DD, AC, 7A, 66, 4B, 75, FC, 40, 31, CA, 40, FF, 73, 3C, E9, F2, 96, FF, FF, 47, 28, 77, FE, 87, D1, 86, D6, 87, C9, 4F, 83, E8, F8, 3D, D7, 2E, 03, 00, 8B, F3, 87, C9, B9, 25, E2, B8, D9, F6, D5, 90, 0F, 86, 57, FF, FF, FF, 04, D1, 30, DA, C3, 8B, 2C, 24, 8D, 64, 24, E0, FF, 74, 24, 54, 81, 44, 24, 24, D7, 91, FF, FF, 5B, FF, E5, FF, E6, 0D, A2, 4A, 8D, 4B, 09, 6A, FF, FF, 71, 33, 8D...
 

Entropy:
6.1583

Code size:
60 KB (61,440 bytes)
