Mal/Agent-ANA

Category: Viruses and Spyware Protection available since:06 Dec 2013 22:54:53 (GMT)
Type: Malicious behavior Last Updated:13 Dec 2013 03:07:59 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/Agent-ANA include:

Example 1

File Information

Size
99K
SHA-1
8625d3bacde8b7b49c801517d44a2c948dd9114d
MD5
26c218d92b5ec77f86a9cae45b433be8
CRC-32
0be6bd18
File type
Windows executable
First seen
2013-12-09

Runtime Analysis

Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    test_item.exe

Example 2

File Information

Size
99K
SHA-1
9fd7cbc3febaa60b6858b78e822a2dd913fc979a
MD5
899c081bd9bd7cd4e799c03b29d20c05
CRC-32
5b046e9e
File type
Windows executable
First seen
2013-12-08

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\pqiasthd.exe
Dropped Files
  • C:\sample.txt
    Size
    48
    SHA-1
    a7df410c7cd79bfe9a8fe980226f979d2330a5f9
    MD5
    43382e1f053304855e9320c71ed3b6cd
    CRC-32
    1bfcf32c
    File type
    Unspecified binary - probably data
    First seen
    2013-11-22
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    test_item.exe
Processes Created
  • c:\windows\system32\notepad.exe
  • c:\windows\system32\svchost.exe
IP Connections
  • 103.13.97.191:8080
  • 176.227.204.58:8080
  • 216.18.22.214:8080
  • 49.50.241.103:8080
  • 5.135.213.204:8080
  • 91.185.204.47:8080

Example 3

File Information

Size
99K
SHA-1
a8616fb5c3acafc0b509979baf1111f05236964d
MD5
28842733c11a6aa761f23daf9628cb61
CRC-32
93d0b68f
File type
Windows executable
First seen
2013-12-08

Runtime Analysis

Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    test_item.exe

download Try Sophos products for free
Download now