File name:
atwtusb.exe
Submission date:
2011-08-01 13:22:43 (UTC)
Current status:
finished
Result:
34/43 (79.1%)
Antivirus Version Last Update Result
AhnLab-V3 2011.08.01.00 2011.07.31 Win-Trojan/Patched.DD
AntiVir 7.11.12.173 2011.08.01 W32/PatchLoad.A
Antiy-AVL 2.0.3.7 2011.08.01 -
Avast 4.8.1351.0 2011.08.01 Win32:Patched-WQ [Trj]
Avast5 5.0.677.0 2011.08.01 Win32:Patched-WQ [Trj]
AVG 10.0.0.1190 2011.08.01 Win32/Katusha.A
BitDefender 7.2 2011.08.01 Trojan.Patched.HE
CAT-QuickHeal 11.00 2011.08.01 W32.Patchload.O
ClamAV 0.97.0.0 2011.08.01 -
Commtouch 5.3.2.6 2011.08.01 W32/Patched.G
Comodo 9589 2011.08.01 TrojWare.Win32.Patched.HN
DrWeb 5.0.2.03300 2011.08.01 Trojan.Starter.1695
Emsisoft 5.1.0.8 2011.08.01 Trojan-Spy.Win32.Zbot!IK
eSafe 7.0.17.0 2011.07.31 -
eTrust-Vet 36.1.8475 2011.08.01 Win32/Patchload.U
F-Prot 4.6.2.117 2011.08.01 W32/Patched.G
F-Secure 9.0.16440.0 2011.08.01 Trojan.Patched.HE
Fortinet 4.2.257.0 2011.07.31 -
GData 22 2011.08.01 Trojan.Patched.HE
Ikarus T3.1.1.104.0 2011.08.01 Trojan-Spy.Win32.Zbot
Jiangmin 13.0.900 2011.07.31 TrojanSpy.Zbot.adxr
K7AntiVirus 9.109.4961 2011.07.29 Trojan
Kaspersky 9.0.0.837 2011.08.01 Trojan.Win32.Patched.mf
McAfee 5.400.0.1158 2011.08.01 W32/Katusha
McAfee-GW-Edition 2010.1D 2011.08.01 W32/Katusha
Microsoft 1.7104 2011.08.01 Virus:Win32/Patchload.O
NOD32 6340 2011.08.01 Win32/Patched.HN
Norman 6.07.10 2011.08.01 W32/Patched.BH
nProtect 2011-08-01.03 2011.08.01 -
Panda 10.0.3.5 2011.08.01 W32/Katusha.BN
PCTools 8.0.0.5 2011.08.01 Trojan.Paccyn
Prevx 3.0 2011.08.01 -
Rising 23.69.00.03 2011.08.01 Win32.Loader.li
Sophos 4.67.0 2011.08.01 -
SUPERAntiSpyware 4.40.0.1006 2011.07.30 -
Symantec 20111.1.0.186 2011.08.01 Trojan.Paccyn!inf
TheHacker 6.7.0.1.267 2011.08.01 -
TrendMicro 9.200.0.1012 2011.08.01 PTCH_KATUSHA.W
TrendMicro-HouseCall 9.200.0.1012 2011.08.01 PTCH_KATUSHA.W
VBA32 3.12.16.4 2011.08.01 Trojan-Spy.Zbot.gen
VIPRE 10029 2011.08.01 Virus.Win32.Agent.mpq (v)
ViRobot 2011.8.1.4599 2011.08.01 Win32.Patched.BE
VirusBuster 14.0.147.1 2011.07.31 Win32.Katusha.Gen
Additional information
MD5 : 7a053199b4b8ee0e7ef1acb205fba8f7
SHA1 : 1bae4a2b526865dc45ba65d0ecc2ecd64488436a
SHA256: 66d0e9faf800f89a4fee86ac861a225604dc4de0d29df8967966703508396fef
ssdeep: 6144:TVHqiOkCoIKnIh+268rZ38ItHN4wJaZrAOIiyOxYFTv:TIiFCou+lA38EN4BdHiFTv
File size : 392864 bytes
First seen: 2011-08-01 13:22:43
Last seen : 2011-08-01 13:22:43
TrID:
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: Atwtusb.exe
description..: User Mode Tablet Driver
original name: Usbtablet
internal name: Usbtablet
file version.: 2, 51, 0, 3
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information
[[ basic data ]]
entrypointaddress: 0x78198
timedatestamp....: 0x49EE8FB7 (Wed Apr 22 03:32:07 2009)
machinetype......: 0x14c (I386)
[[ 5 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x4088F, 0x41000, 6.56, 50f972a9494ad6cf20f90e7963c27931
.rdata, 0x42000, 0xB624, 0xC000, 5.99, 81ecf5f0b6ae8af45dfaea3ac1d89600
.data, 0x4E000, 0x1B04C, 0x2000, 2.99, f013a9c39af8b46f25e9819e984ffc21
atwtusb_, 0x6A000, 0xC, 0x1000, 0.00, 620f0b67a91f7f74151bc5be745b7110
.rsrc, 0x6B000, 0xD918, 0xE000, 4.98, a1a36333d520352bbf88a96ee53618a0
[[ 10 import(s) ]]
SETUPAPI.dll: SetupDiEnumDeviceInterfaces, SetupDiGetDeviceInterfaceDetailA, SetupDiDestroyDeviceInfoList, SetupDiGetClassDevsA
HID.DLL: HidD_GetPreparsedData, HidP_MaxUsageListLength, HidP_SetUsageValueArray, HidP_SetScaledUsageValue, HidD_FlushQueue, HidD_GetProductString, HidP_GetCaps, HidD_GetFeature, HidD_FreePreparsedData, HidP_SetUsages, HidP_UsageListDifference, HidP_SetUsageValue, HidD_GetSerialNumberString, HidP_GetSpecificButtonCaps, HidP_GetUsages, HidD_GetNumInputBuffers, HidP_GetUsageValueArray, HidD_SetFeature, HidD_GetManufacturerString, HidP_GetLinkCollectionNodes, HidD_GetAttributes, HidP_GetUsagesEx, HidD_SetNumInputBuffers, HidP_GetUsageValue, HidP_GetScaledUsageValue, HidP_SetData, HidD_GetHidGuid, HidD_GetIndexedString, HidP_UnsetUsages, HidD_GetPhysicalDescriptor, HidP_GetSpecificValueCaps, HidP_MaxDataListLength, HidP_GetData
VERSION.dll: VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA
WINMM.dll: PlaySoundA
KERNEL32.dll: TerminateThread, Sleep, GetExitCodeProcess, CreateProcessA, TerminateProcess, GetSystemDirectoryA, CreateDirectoryA, GetStartupInfoA, FindFirstFileA, CopyFileA, SetFileAttributesA, FindClose, GetExitCodeThread, GetVersionExA, WinExec, GetVersion, LocalFree, DeleteFileA, lstrcpynA, GetFileSize, GetSystemDefaultLangID, ResetEvent, WaitForMultipleObjects, GetEnvironmentVariableW, GetLocaleInfoA, WaitForSingleObject, SetEvent, InitializeCriticalSection, WideCharToMultiByte, GetStringTypeExW, GetEnvironmentVariableA, CompareStringW, GetACP, ExitThread, GetTickCount, lstrlenW, SetThreadPriority, RaiseException, GetStringTypeExA, InterlockedExchange, lstrcmpiA, GetThreadLocale, GetLocalTime, DeviceIoControl, lstrcmpiW, CompareStringA, DeleteCriticalSection, CreateThread, MapViewOfFile, UnmapViewOfFile, MulDiv, CreateFileMappingA, GetCurrentProcess, GetCurrentThreadId, ReleaseMutex, LCMapStringW, LCMapStringA, GetSystemTimeAsFileTime, GetCurrentProcessId, QueryPerformanceCounter, GetOEMCP, IsValidCodePage, IsValidLocale, EnumSystemLocalesA, GetUserDefaultLCID, GetCPInfo, GetDateFormatA, GetTimeFormatA, GetStringTypeW, GetStringTypeA, FlushFileBuffers, SetStdHandle, RtlUnwind, GetFileType, SetHandleCount, GetEnvironmentStringsW, FreeEnvironmentStringsW, GetEnvironmentStrings, FreeEnvironmentStringsA, UnhandledExceptionFilter, GetModuleFileNameA, GetStdHandle, HeapSize, ExitProcess, TlsGetValue, TlsSetValue, TlsFree, SetEndOfFile, GetCurrentThread, SetLastError, TlsAlloc, IsBadWritePtr, VirtualFree, HeapCreate, HeapDestroy, FatalAppExitA, LeaveCriticalSection, EnterCriticalSection, GetCommandLineA, GetModuleHandleA, VirtualQuery, GetSystemInfo, VirtualAlloc, VirtualProtect, HeapReAlloc, HeapFree, HeapAlloc, SetFilePointer, CreateFileA, CloseHandle, GetLastError, GetOverlappedResult, ReadFile, CreateEventA, WriteFile, GlobalReAlloc, lstrlenA, lstrcmpA, DebugBreak, OutputDebugStringA, WritePrivateProfileStringA, LoadLibraryA, GetPrivateProfileStringA, GetProcAddress, GetProfileIntA, GetPrivateProfileIntA, GetWindowsDirectoryA, FreeLibrary, GlobalFree, GlobalAlloc, GetTimeZoneInformation, SetConsoleCtrlHandler, GetLocaleInfoW, SetEnvironmentVariableA, SetUnhandledExceptionFilter, IsBadReadPtr, CreateMutexA, MultiByteToWideChar, IsBadCodePtr
USER32.dll: GetThreadDesktop, CloseDesktop, SetThreadDesktop, keybd_event, GetClassNameA, CharUpperA, WindowFromPoint, GetClientRect, CharLowerW, CharLowerA, UnregisterClassA, GetWindowLongA, CharUpperW, EnumChildWindows, IsWindow, mouse_event, SetWindowTextA, SendMessageA, GetWindowThreadProcessId, GetSubMenu, DrawIconEx, SetDoubleClickTime, LoadMenuA, GetDoubleClickTime, GetDC, TrackPopupMenuEx, GetAsyncKeyState, BringWindowToTop, ReleaseDC, GetCursorPos, LoadImageA, DestroyMenu, GetDlgCtrlID, DestroyIcon, CheckMenuItem, GetWindow, GetMessageA, SetTimer, OpenDesktopA, GetTopWindow, SendInput, CreateDialogParamA, PostQuitMessage, KillTimer, EnumDisplaySettingsExW, TranslateMessage, CheckDlgButton, DispatchMessageA, SystemParametersInfoA, FindWindowA, UnregisterDeviceNotification, GetDlgItemTextA, SetScrollInfo, RegisterDeviceNotificationA, GetDlgItemInt, SendDlgItemMessageA, GetParent, GetWindowTextLengthA, GetWindowTextA, CharUpperBuffA, EndDialog, IsDlgButtonChecked, PostMessageA, CheckRadioButton, EnableWindow, DialogBoxParamA, SetDlgItemTextA, EndPaint, DestroyWindow, EnumDisplayMonitors, GetWindowRect, GetMessageExtraInfo, SetForegroundWindow, LoadStringA, MessageBeep, BeginPaint, PtInRect, ShowCursor, MessageBoxA, InvalidateRect, CreateWindowExA, DefWindowProcA, GetDesktopWindow, SetWindowPos, ShowWindow, GetSystemMetrics, UpdateWindow, LoadCursorA, RegisterClassA, wsprintfA, GetDlgItem
GDI32.dll: GetTextExtentPoint32A, CreateFontA, SetBkMode, DeleteObject, MoveToEx, Arc, PatBlt, LineTo, SelectObject, CreatePen, SetTextAlign, GetStockObject, TextOutA, SetBkColor, SetTextColor
comdlg32.dll: GetOpenFileNameA
ADVAPI32.dll: SetEntriesInAclA, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegCreateKeyA, RegFlushKey, GetNamedSecurityInfoA, RegCloseKey, SetServiceStatus, AllocateAndInitializeSid, ImpersonateLoggedOnUser, DuplicateTokenEx, RegOpenKeyExA, RegisterServiceCtrlHandlerExA, SetTokenInformation, CreateProcessAsUserA, OpenProcessToken, StartServiceCtrlDispatcherA, SetNamedSecurityInfoA, RegSetValueExA, RegQueryValueExA
SHELL32.dll: SHGetSpecialFolderPathA, Shell_NotifyIconA
ExifTool:
file metadata
CharacterSet: Unicode
CodeSize: 266240
EntryPoint: 0x78198
FileDescription: User Mode Tablet Driver
FileFlagsMask: 0x003f
FileOS: Windows NT 32-bit
FileSize: 384 kB
FileSubtype: 0
FileType: Win32 EXE
FileVersion: 2, 51, 0, 3
FileVersionNumber: 2.51.0.3
ImageVersion: 0.0
InitializedDataSize: 225280
InternalName: Usbtablet
LanguageCode: Chinese (Traditional)
LinkerVersion: 7.1
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 6.1
ObjectFileType: Executable application
OriginalFilename: Usbtablet
PEType: PE32
ProductName: Atwtusb.exe
ProductVersion: 1, 0, 0, 0
ProductVersionNumber: 1.0.0.0
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2009:04:22 05:32:07+02:00
UninitializedDataSize: 0