Troj/Dorkbot-FR

Kategorie: Viren und Spyware Schutz verfügbar seit:23 Apr 2013 02:02:16 (GMT)
Typ: Trojan Zuletzt aktualisiert:23 Apr 2013 02:02:16 (GMT)
Verbreitung:

Download Kostenloses Virus Removal Tool downloaden – Finden Sie Bedrohungen, die Ihre Virenschutzsoftware übersehen hat

Troj/Dorkbot-FR exhibits the following characteristics:

File Information

Size
232K
SHA-1
f8e783fc1847d3f114c745e3bccfe708363b0f12
MD5
af31910b2ee4827378bdf7a02abe9581
CRC-32
7126ab6a
File type
Windows executable
First seen
2013-04-22

Runtime Analysis

Copies Itself To
  • F:/snkb00pt/snkb00pt.exe
  • c:\Documents and Settings\test user\Application Data\Bxjfqolrmumczmab.exe
Dropped Files
  • F:/snkb00pt/Desktop.ini
    Size
    63
    SHA-1
    735f8b2d5f3458f8fb309da410326208b75c74c8
    MD5
    6cc375438fb76385e58c69193046dd19
    CRC-32
    7cba2fbd
    File type
    Configuration Data File (generic)
    First seen
    2012-05-30
  • F:/autorun.inf
    Size
    5.1K
    SHA-1
    0846f2a0e67fa59500c226b3d7966af6b580d597
    MD5
    2689cf98ba8ffc78ed759a332d461283
    CRC-32
    36af1918
    File type
    Windows Codepage 1252
    First seen
    2013-04-22
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Bxjfqolrmumczmab.exe
    "c:\Documents and Settings\test user\Application Data\Bxjfqolrmumczmab.exe"
Processes Created
  • c:\Documents and Settings\test user\application data\bxjfqolrmumczmab.exe
DNS Requests
  • e.eastmoon.pl
  • gigasbh.org
  • gigasphere.su
  • h.opennews.su
  • o.dailyradio.su
  • photobeat.su
  • s.richlab.pl
  • uranus.kei.su
  • xixbh.com
  • xixbh.net

Download Sophos Produkte kostenlos testen
Jetzt downloaden