Analysis Report for 44027210

Comment on this report

Summary:

Description	Risk
AV Hit: This executable is detected by an antivirus software.

Table of Contents
expand all	collapse all
General information 44027210.exe C:\44027210.exe Primary Analysis Subject General Information a) File Activities

1. General Information

	- Information about Anubis' invocation

Time needed:	254 s
Report created:	04/20/11, 16:55:43 UTC
Termination reason:	Timeout
Program version:	1.75.3394

2. 44027210.exe

	- General information about this executable

Analysis Reason:	Primary Analysis Subject
Filename:	44027210.exe
MD5:	5807467368002a1ddc24da5cf5ad39b7
SHA-1:	32c75fe5ee88d22c17e8a838f56e585e1583028c
File Size:	90112 Bytes
Command Line:	"C:\44027210.exe"
Process-status at analysis end:	alive
Exit Code:	0

	- Load-time Dlls

Module Name	Base Address	Size
C:\WINDOWS\system32\ntdll.dll	0x7C900000	0x000AF000
C:\WINDOWS\system32\kernel32.dll	0x7C800000	0x000F6000

	- Ikarus Virus Scanner

P2P-Worm.Win32.Palevo (Sig-Id:54027210)

2.a) 44027210.exe - File Activities

	- File System Control Communication:

File	Control Code	Times
C:\Program Files\Common Files\	0x00090028	1

International Secure Systems Lab
Vienna University of Technology, Eurecom France, UC Santa Barbara
Contact: anubis@iseclab.org