2009-12-06 00:50:52
7fa974366048f9c551ef45714595665e

Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
---|---|---|---|---|
.text | 0x00001000 | 0x00005c4c | 0x00005e00 | 6.4401055495 |
.rdata | 0x00007000 | 0x0000129c | 0x00001400 | 5.04683530791 |
.data | 0x00009000 | 0x00025c58 | 0x00000400 | 4.80100375272 |
.ndata | 0x0002f000 | 0x00012000 | 0x00000000 | 0.0 |
.rsrc | 0x00041000 | 0x000009e8 | 0x00000a00 | 4.52636280114 |

Name | Offset | Size | Language | Sub-language | File type |
---|---|---|---|---|---|
RT_ICON | 0x00041190 | 0x000002e8 | LANG_ENGLISH | SUBLANG_ENGLISH_US | Device independent bitmap graphic, 32 x 64 x 4, image size 640 |
RT_DIALOG | 0x00041698 | 0x00000060 | LANG_ENGLISH | SUBLANG_ENGLISH_US | data |
RT_DIALOG | 0x00041698 | 0x00000060 | LANG_ENGLISH | SUBLANG_ENGLISH_US | data |
RT_DIALOG | 0x00041698 | 0x00000060 | LANG_ENGLISH | SUBLANG_ENGLISH_US | data |
RT_GROUP_ICON | 0x000416f8 | 0x00000014 | LANG_ENGLISH | SUBLANG_ENGLISH_US | data |
RT_MANIFEST | 0x00041710 | 0x000002d7 | LANG_ENGLISH | SUBLANG_ENGLISH_US | XML 1.0 document, ASCII text, with very long lines (727), with no line terminators |

Antivirus | Signature |
---|---|
Bkav | W32.AIDetectMalware |
Lionic | Adware.NSIS.Dotdo.2!c |
tehtris | Clean |
ClamAV | Clean |
CMC | Clean |
CAT-QuickHeal | Clean |
ALYac | IL:Trojan.MSILZilla.6226 |
Cylance | unsafe |
Zillya | Clean |
Paloalto | Clean |
Sangfor | Adware.Win32.Dotdo.Vy72 |
K7AntiVirus | Adware ( 005077961 ) |
Alibaba | AdWare:Win32/Dotdo.ba75f389 |
K7GW | Adware ( 005077961 ) |
Cybereason | malicious.97c0ff |
Baidu | Clean |
VirIT | Clean |
Cyren | W32/Trojan.NLNR-5404 |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
ESET-NOD32 | multiple detections |
APEX | Clean |
Avast | Win32:Adware-gen [Adw] |
Cynet | Malicious (score: 99) |
Kaspersky | not-a-virus:HEUR:AdWare.NSIS.Dotdo.gen |
BitDefender | Gen:Variant.Nemesis.10893 |
NANO-Antivirus | Riskware.Win32.Dotdo.emcdeh |
ViRobot | Clean |
MicroWorld-eScan | Gen:Variant.Nemesis.10893 |
Tencent | Msil.AdWare.Dotdo.Xtjl |
TACHYON | Clean |
Sophos | Generic Reputation PUA (PUA) |
F-Secure | Heuristic.HEUR/AGEN.1313684 |
DrWeb | Adware.Dotdo.159 |
VIPRE | Gen:Variant.Nemesis.10893 |
TrendMicro | TROJ_GEN.R06BC0PIK23 |
McAfee-GW-Edition | RDN/Generic PUP.z |
Trapmine | malicious.high.ml.score |
FireEye | Gen:Variant.Nemesis.10893 |
Emsisoft | Gen:Variant.Nemesis.10893 (B) |
SentinelOne | Static AI - Suspicious PE |
GData | IL:Trojan.MSILZilla.6226 |
Jiangmin | Clean |
Webroot | W32.Adware.Gen |
Avira | HEUR/AGEN.1345533 |
Antiy-AVL | GrayWare[AdWare]/MSIL.Dotdo |
Kingsoft | Clean |
Gridinsoft | Ransom.Win32.Occamy.sa |
Xcitium | ApplicUnwnt@#3men6czeat9lt |
Arcabit | Trojan.Nemesis.D2A8D [many] |
SUPERAntiSpyware | Adware.ConvertAd/Variant |
ZoneAlarm | not-a-virus:HEUR:AdWare.MSIL.Dotdo.gen |
Microsoft | Trojan:Win32/Occamy.C7A |
Detected | |
AhnLab-V3 | Clean |
Acronis | Clean |
McAfee | Artemis!DD600093D8A1 |
MAX | malware (ai score=99) |
VBA32 | Adware.Dotdo |
Malwarebytes | Generic.Malware.AI.DDS |
Panda | Trj/CI.A |
Zoner | Clean |
TrendMicro-HouseCall | TROJ_GEN.R06BC0PIK23 |
Rising | Adware.Dotdo!8.1172 (CLOUD) |
Yandex | PUA.Dotdo!90RyVnPMxX0 |
Ikarus | AdWare.MSIL.Dotdo |
MaxSecure | Trojan.Malware.300983.susgen |
Fortinet | Adware/Dotdo |
BitDefenderTheta | Gen:NN.ZemsilF.36738.am0@aK@ezhb |
AVG | Win32:Adware-gen [Adw] |
DeepInstinct | MALICIOUS |
CrowdStrike | win/grayware_confidence_100% (W) |

IRMA | Signature |
---|---|
ESET Security (Windows) | multiple detections |
Avast Core Security (Linux) | FileRepMalware [Adw] |
C4S ClamAV (Linux) | Clean |
F-Secure Antivirus (Linux) | Heuristic.HEUR/AGEN.1313684 [Aquarius] |
Windows Defender (Windows) | Trojan:Win32/Occamy.C7A |
McAfee CLI scanner (Linux) | Clean |
Microsoft Defender ATP (Linux) | Trojan:Win32/Occamy.C7A |
Forticlient (Linux) | Clean |
Bitdefender Antivirus (Linux) | Clean |
G Data Antivirus (Windows) | Virus: Gen:Adware.MSIL.DotDo.1 (2x), Gen:Variant.Nemesis.10893 (Engine A) |
Sophos Anti-Virus (Linux) | Clean |
DrWeb Antivirus (Linux) | Clean |
Trend Micro SProtect (Linux) | Clean |
ClamAV (Linux) | Clean |
eScan Antivirus (Linux) | Gen:Adware.MSIL.DotDo.1(DB) |
Kaspersky Standard (Windows) | not-a-virus:HEUR:AdWare.MSIL.Dotdo.gen |