Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.Guntor

Trojan.Guntor

By ZulaZuza in Trojans

Threat Scorecard

Popularity Rank: 8,134
Threat Level: 90 % (High)
Infected Computers: 3,278
First Seen: August 15, 2013
Last Seen: January 13, 2026
OS(es) Affected: Windows

Trojan.Guntor is a Trojan that can harm data and even the whole targeted computer system. Trojan.Guntor may reduce the affected PC's security and stability. Trojan.Guntor may also decrease the PC's performance. Trojan.Guntor may violate the victim's privacy and security. Trojan.Guntor may collect personal information on the corrupted PC and tramsmit it to a remote attacker. Trojan.Guntor permits cybercriminals to obtain full remote access and control over the attacked PC. Trojan.Guntor enters the victimized computer without the target PC user's permission and knowledge. Trojan.Guntor masquerades as a legitimate program and thus, fools computer users into downloading and installing it. Trojan.Guntor can be unintentionally downloaded from infected websites.

Analysis Report

General information

Family Name: Trojan.IRCBot.D
Signature status: No Signature

Known Samples

MD5: d24ccfd643b36e964d7c790d66f48a38
SHA1: b75b22844740f0e2363e97155ee9a04aa9cb15e4
SHA256: AC0AFFD561B3BCFFA73B605243E4E941AD9A91D0EF23E45AD06A6577835E08E6
File Size: 10.24 KB, 10240 bytes
MD5: a2c368389aae9825ca1b626a501a8004
SHA1: 6cea8eeeb447c6f8485a54f226b790c81bf6bd5b
SHA256: 40C098DE4F415CD378F22D414474D50C7E1DD5A9799419FC50F231BF9354BD02
File Size: 1.10 MB, 1100288 bytes
MD5: f84c7f84e8e6efb60e51659338c06ef9
SHA1: bb9dd97d4e8c2df4c8028f50798930cbd517b81b
SHA256: 521C00E5621AC288727F3078553DDB0610DDEF270AE4E39141EDA29266D66D48
File Size: 12.80 KB, 12800 bytes
MD5: 188b6e49ecde4240885bc4064b01bd08
SHA1: 0bbe842ef068f5a00d46f3b0eda5afb45208f5d6
SHA256: 4E840608D7FEAA6EBC8F1962FB9CD60721D4FC62B0783FE4E713A0625E5BF9DD
File Size: 20.99 KB, 20992 bytes
MD5: 846e3b60bc7dea789de54e89b9f31e11
SHA1: b38706bb35c6c5c0f510040cadd09cf875b12dce
SHA256: FE359E21685A5297FA3F8F07F9E1EFAD34A414E03946BAF5266C47FDB2814D14
File Size: 964.61 KB, 964608 bytes
Show More
MD5: fe900fc085bcf42405be26f7a23b63d2
SHA1: 63c6c2d6dcb512a1fce6fc94c377357af4a1df7b
SHA256: 5BA29C9D9F6D91EEFACE767E9ED1CDC574C178AB9AAD4006C587D88D60F2AB5B
File Size: 401.41 KB, 401408 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
Show More
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name Value
Comments http://ehoffman.simplenet.com/hplsoft
Company Name
  • HPL Software
  • RJCOM
File Description
  • MP3 Decoder
  • Telephone Billing System
File Version
  • 4.0.2.0
  • 1.3.0.0
Internal Name MP3Dec
Legal Copyright Shareware
Legal Trademarks Please Distribute
Original Filename MP3DEC.EXE
Product Name MPEG Audio Layer 3 Decoder
Product Version
  • 3.02
  • 1.3
Programmer Ramlan H

File Traits

  • HighEntropy
  • No Version Info
  • x86

Block Information

Total Blocks: 4
Potentially Malicious Blocks: 2
Whitelisted Blocks: 2
Unknown Blocks: 0

Visual Map

0 x x 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • IRCBot.D

Files Modified

File Attributes
c:\users\user\appdata\local\temp\ ¥§x.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ ¥§~.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ ¥¥’.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ ¥§.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §§.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §¥".¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §"¥.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §9¥.¢¬ Generic Write,Read Attributes
c:\users\user\appdata\local\temp\ §æ¥¬.¢¬ Generic Write,Read Attributes

Windows API Usage

Category API
User Data Access
  • GetComputerName

Trending

Most Viewed

Loading...