HPsus/EncPk-F

Category: Suspicious Behavior and Files Protection available since:07 Oct 2011 21:29:35 (GMT)
Type: Suspicious file Last Updated:17 Apr 2012 18:58:18 (GMT)

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of HPsus/EncPk-F include:

Example 1

File Information

Size
71K
SHA-1
0003f9730d89add5a74dfca0da356fff3ca22f33
MD5
2e13f275058b07380ac7957c455b6acb
CRC-32
1c74488b
File type
application/x-ms-dos-executable
First seen
2011-08-18

Other vendor detection

Kaspersky
Trojan.Win32.Menti.htvf

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\system32\windebug32.exe

Example 2

File Information

Size
93K
SHA-1
147dc99af889eccfc97a878dab86521e5bbda05c
MD5
912e96ca1b7ac1b36e4d7c387d4cd458
CRC-32
d8c4c766
File type
application/x-ms-dos-executable
First seen
2011-09-25

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Hasy\ammao.exe
    Size
    93K
    SHA-1
    0a7431d67481f35a92d9cf121dbc2c00fe71e0ce
    MD5
    07e3f8ece47dd9963b29ffb54ed8cc37
    CRC-32
    88fa5214
    File type
    application/x-ms-dos-executable
    First seen
    2012-04-17
Processes Created
  • c:\windows\system32\cmd.exe

Example 3

File Information

Size
903K
SHA-1
436d869233d878bba02a6a08fc9c0fa53242ee47
MD5
7ecaf39dec5226d53d92a16dcbbf5959
CRC-32
9adaab60
File type
application/x-ms-dos-executable
First seen
2011-09-10

download Try Sophos products for free
Download now