Troj/Zbot-HJQ

Kategorie: Viren und Spyware Schutz verfügbar seit:21 Jan 2014 13:00:57 (GMT)
Typ: Trojan Zuletzt aktualisiert:21 Jan 2014 13:00:57 (GMT)
Verbreitung:

Download Kostenloses Virus Removal Tool downloaden – Finden Sie Bedrohungen, die Ihre Virenschutzsoftware übersehen hat

Troj/Zbot-HJQ exhibits the following characteristics:

File Information

Size
445K
SHA-1
591464619f4464e49689fce7628d8a91274cf40f
MD5
0792ba138be7f6152d512aadf9ad7022
CRC-32
48912f41
File type
Windows executable
First seen
2007-08-24

Other vendor detection

Avira
TR/Spy.ZBot.aau.86

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Application Data\qiyxi.inf
  • c:\Documents and Settings\test user\Application Data\Yvilar\uvqas.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Uvqas
    "c:\Documents and Settings\test user\Application Data\Yvilar\uvqas.exe"
  • HKCU\Identities
    Identity Login
    0x00098053
  • HKCU\Software\Microsoft\Ekhiboolxuy
    1fbh2a9a
    aV□□K□pm□0R□`1□□o□pj□@B□
Processes Created
  • c:\Documents and Settings\test user\application data\yvilar\uvqas.exe
IP Connections
  • 24.251.65.47:1895
  • 64.231.106.25:2171
  • 68.162.220.34:4668
  • 74.243.130.50:1878
  • 75.99.113.250:8765
  • 79.189.188.250:3287
  • 80.135.33.185:1839
  • 84.59.129.23:7605
  • 85.34.231.122:6106
  • 98.164.247.13:2754

Download Sophos Produkte kostenlos testen
Jetzt downloaden