MapleGlobal v62
[Megaupload] http://www.megaupload.com/?d=959KB3X6
[BitTorrent[ http://thepiratebay.org/torrent/4643935/Maple_Story_v62_client
[BitTorrent[ http://thepiratebay.org/torrent/4643935/Maple_Story_v62_client
ZakumMs Client
[MultiUpload] http://www.multiupload.com/S9RM1N0864
GM HandBook All Versions
[Mediafire] http://www.mediafire.com/?aid5hlttwao
VirusTotal
File ZakumMs.exe received on 2010.06.18 04:27:59 (UTC) | |||
Antivirus | Version | Last Update | Result |
a-squared | 5.0.0.26 | 2010.06.18 | - |
AhnLab-V3 | 2010.06.18.01 | 2010.06.18 | - |
AntiVir | 8.2.2.6 | 2010.06.17 | - |
Antiy-AVL | 2.0.3.7 | 2010.06.17 | - |
Authentium | 5.2.0.5 | 2010.06.18 | - |
Avast | 4.8.1351.0 | 2010.06.17 | - |
Avast5 | 5.0.332.0 | 2010.06.17 | - |
AVG | 9.0.0.787 | 2010.06.17 | - |
BitDefender | 7.2 | 2010.06.18 | - |
CAT-QuickHeal | 10.00 | 2010.06.18 | Trojan.Agent.IRC |
ClamAV | 0.96.0.3-git | 2010.06.18 | - |
Comodo | 5137 | 2010.06.18 | - |
DrWeb | 5.0.2.03300 | 2010.06.18 | - |
eSafe | 7.0.17.0 | 2010.06.17 | - |
eTrust-Vet | 36.1.7645 | 2010.06.18 | - |
F-Prot | 4.6.1.107 | 2010.06.17 | - |
F-Secure | 9.0.15370.0 | 2010.06.18 | - |
Fortinet | 4.1.133.0 | 2010.06.17 | - |
GData | 21 | 2010.06.18 | - |
Ikarus | T3.1.1.84.0 | 2010.06.18 | - |
Jiangmin | 13.0.900 | 2010.06.15 | - |
Kaspersky | 7.0.0.125 | 2010.06.18 | - |
McAfee | 5.400.0.1158 | 2010.06.18 | - |
McAfee-GW-Edition | 2010.1 | 2010.06.16 | - |
Microsoft | 1.5902 | 2010.06.17 | - |
NOD32 | 5205 | 2010.06.17 | - |
Norman | 6.05.06 | 2010.06.17 | - |
Panda | 10.0.2.7 | 2010.06.18 | - |
PCTools | 7.0.3.5 | 2010.06.18 | - |
Prevx | 3.0 | 2010.06.18 | Medium Risk Malware |
Rising | 22.52.04.00 | 2010.06.18 | - |
Sophos | 4.54.0 | 2010.06.18 | - |
Sunbelt | 6465 | 2010.06.18 | - |
Symantec | 20101.1.0.89 | 2010.06.18 | - |
TheHacker | 6.5.2.0.299 | 2010.06.17 | W32/Behav-Heuristic-064 |
TrendMicro | 9.120.0.1004 | 2010.06.18 | - |
TrendMicro-HouseCall | 9.120.0.1004 | 2010.06.18 | - |
VBA32 | 3.12.12.5 | 2010.06.17 | - |
ViRobot | 2010.6.14.3884 | 2010.06.18 | - |
VirusBuster | 5.0.27.0 | 2010.06.17 | - |
Additional information | |||
File size: 7909376 bytes | |||
MD5...: b8ced296dd33d368a0bb95e09d78b031 | |||
SHA1..: 11c4ec755d29b94c3352cecad27744f1ac9d99e5 | |||
SHA256: 32a3b9f7284829ea71d4ef25cb5e5a4cfdd77ed1e09a4515f627916c064fe1b9 | |||
ssdeep: 98304:GHotsby/VhoxNCdsYr/wLEhbyjU1ydeyA0c4Pm9v/cPJrDP6C:GItVVhqC /0Ehpa/xrz6 | |||
PEiD..: - | |||
PEInfo: PE Structure information ( base data ) entrypointaddress.: 0x47c9df timedatestamp.....: 0x49193309 (Tue Nov 11 07:23:53 2008) machinetype.......: 0x14c (I386) ( 5 sections ) name viradd virsiz rawdsiz ntrpy md5 0x1000 0x582000 0x582000 6.47 02be9ef347c576273c90429df23aef8a .rsrc 0x583000 0x892ef 0x8a000 6.88 f7177d0dce7dc4e08d883670aeaaa71a .idata 0x60d000 0x1000 0x1000 0.25 1a9f7bf32b2be6cbeb669580afdb1ec1 Themida 0x60e000 0x17b000 0x17b000 7.57 7dccfe48efe6ddf93d31bf788fea2260 .mackt 0x789000 0x2000 0x2000 4.07 129131a13376a8ce179b9c1bd8b6d53e ( 16 imports ) > advapi32.dll: CryptVerifySignatureA, LookupPrivilegeValueA, RegCloseKey, RegSetValueExA, RegQueryValueExA, RegOpenKeyExA, CryptReleaseContext, CryptDestroyKey, CryptEncrypt, CryptImportKey, CryptAcquireContextA, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, GetUserNameA, RegCreateKeyExA, RegDeleteValueA, RegEnumValueA, CryptDestroyHash, CryptHashData, CryptCreateHash, CryptDecrypt, CryptDeriveKey, CryptGetHashParam, OpenProcessToken, AdjustTokenPrivileges > dinput8.dll: DirectInput8Create > gdi32.dll: DeleteObject, CreateCompatibleDC, SelectObject, BitBlt, DeleteDC, GetStockObject, GetObjectA, CreateDIBSection > kernel32.dll: SetUnhandledExceptionFilter, IsBadWritePtr, GetVersionExA, LocalAlloc, lstrlen, FormatMessageA, GetCurrentThreadId, Sleep, GetModuleHandleA, GetTickCount, ReadProcessMemory, OpenProcess, GetModuleFileNameA, GetLocaleInfoA, IsValidCodePage, IsValidLocale, GetStringTypeW, GetStringTypeA, lstrcmpi, GetFileType, LockResource, GetEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, FreeEnvironmentStringsA, LCMapStringW, LCMapStringA, GetOEMCP, GetACP, GetCPInfo, HeapCreate, HeapDestroy, GetEnvironmentVariableA, UnhandledExceptionFilter, GetCurrentThread, SetLastError, CompareFileTime, TlsAlloc, FatalAppExitA, LoadLibraryA, GetProcAddress, FreeLibrary, CreateDirectoryA, GetLastError, lstrcmp, GetWindowsDirectoryA, IsBadCodePtr, GetVolumeInformationA, lstrcpy, FileTimeToSystemTime, GetVersion, GetLocalTime, HeapSize, HeapReAlloc, GetSystemTime, GetTimeZoneInformation, GetFileAttributesA, GetCommandLineA, GetStartupInfoA, FileTimeToLocalFileTime, ExitThread, TlsGetValue, TlsSetValue, RaiseException, RtlUnwind, lstrlenW, PeekNamedPipe, GetStdHandle, CreatePipe, SetStdHandle, DuplicateHandle, GetFileInformationByHandle, HeapAlloc, GetProcessHeap, HeapFree, VirtualFree, VirtualAlloc, VirtualQuery, SystemTimeToFileTime, IsDBCSLeadByte, MultiByteToWideChar, FindFirstFileA, DeleteFileA, InterlockedDecrement, FindNextFileA, FindClose, GetSystemDirectoryA, GetTempPathA, GetTempFileNameA, CopyFileA, CreateFileA, ReadFile, SetFilePointer, WriteFile, LoadLibraryExA, IsBadReadPtr, GetCurrentProcess, CloseHandle, InterlockedExchange, LocalFree, GetCurrentDirectoryA, OpenFileMappingA, MapViewOfFile, SetEnvironmentVariableA, CompareStringW, CompareStringA, GetLocaleInfoW, SetConsoleCtrlHandler, InterlockedIncrement, TlsFree, FlushFileBuffers, GetUserDefaultLCID, Thread32Next, Thread32First, Process32Next, Process32First, CreateToolhelp32Snapshot, WideCharToMultiByte, TerminateProcess, SetEvent, InitializeCriticalSection, DeleteCriticalSection, SetEndOfFile, ResumeThread, ResetEvent, SetThreadPriority, GetExitCodeProcess, WaitForMultipleObjects, CreateProcessA, GetFileSize, CreateEventA, WaitForSingleObject, OpenEventA, lstrcat, GetCurrentProcessId, LeaveCriticalSection, EnterCriticalSection, OpenMutexA, CreateThread, TerminateThread, CreateMutexA, ReleaseMutex, GetComputerNameA, ExitProcess, QueryPerformanceCounter, GetModuleFileNameW, VirtualProtect, UnmapViewOfFile, EnumSystemLocalesA > netapi32.dll: Netbios > oleaut32.dll: SetErrorInfo, VariantInit, VariantClear, CreateErrorInfo, VariantCopy, SafeArrayDestroy, SafeArrayCreate, GetErrorInfo, SysAllocString, VariantChangeType, SysFreeString > shell32.dll: SHGetSpecialFolderPathA > user32.dll: FindWindowA, SetRect, ShowCursor, MapVirtualKeyA, DialogBoxParamA, GetDlgItem, EnableWindow, CreateWindowExA, LoadBitmapA, FrameRect, EnumThreadWindows, GetWindowTextA, SetWindowPos, GetWindowRect, MoveWindow, GetWindow, SendMessageA, GetFocus, SetRectEmpty, IsWindowEnabled, GetWindowThreadProcessId, AttachThreadInput, BringWindowToTop, wsprintfA, PtInRect, wvsprintfA, MessageBoxA > wininet.dll: FtpOpenFileA, FtpGetFileSize, FtpGetFileA, InternetCloseHandle, InternetOpenA, InternetConnectA > winmm.dll: timeGetTime, timeSetEvent, timeKillEvent > ws2_32.dll: WSACleanup, closesocket, WSASend, send, sendto, htons, WSAStartup, getpeername, socket, inet_addr, gethostbyname, WSAGetLastError, htonl, htons > wzmss.dll: _WzSoap_GetArticleContent@@YAJEH_NPBGPAG@Z, _WzSoap_CommentArticle@@YAJEHPBGEH00H_NPAG@Z, _WzSoap_WriteArticle@@YAJEHPBGE000HPAG1_N1@Z, _WzSoap_GetArticleOwner@@YAJEHPBGEH_NPAH@Z, _WzSoap_GetArticleTitle@@YAJEHPBGEH_NPAG@Z, _WzSoap_ModifyArticle@@YAJEHPBG0_N0PAG@Z, _WzSoap_DeleteArticle@@YAJEH_NPBGPAG@Z > ijl15.dll: ijlFree, ijlInit, ijlWrite > iphlpapi.dll: GetAdaptersInfo > npkcrypt.dll: NPKRegisterCryptWindowMsg, NPKLoadAtStartup, NPKCloseDriver, NPKOpenDriver, NPKSetDrvPath, NPKGetAppCompatFlag, NPKSetAppCompatFlag > ole32.dll: CoCreateGuid ( 3 exports ) ZtlTaskMemAllocImp, ZtlTaskMemFreeImp, ZtlTaskMemReallocImp | |||
RDS...: NSRL Reference Data Set - | |||
pdfid.: - | |||
trid..: Generic Win/DOS Executable (49.9%) DOS Executable Generic (49.8%) Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%) | |||
<a href='http://info.prevx.com/aboutprogramtext.asp?PX5=A284740800935C21B052780A7B08B900EC7BE968' target='_blank'>http://info.prevx.com/aboutprogramtext.asp?PX5=A284740800935C21B052780A7B08B900EC7BE968</a> | |||
sigcheck: publisher....: Wizet copyright....: Copyright _ 2003 product......: Wizet MapleStory description..: MapleStory original name: MapleStory.exe internal name: MapleStory file version.: 1, 0, 0, 1 comments.....: signers......: - signing date.: - verified.....: Unsigned | |||
Symantec Reputation Network: Suspicious.Insight http://www.symantec.com/security_response/writeup.jsp?docid=2010-021223-0550-99 |