Mal/Behav-027

Category: Viruses and Spyware
Protection available since: 06 Sep 2006 00:00:00 (GMT)
Type: Malicious behavior
Last Updated: 12 May 2012 20:20:42 (GMT)
Prevalence: No Reports

Examples of Mal/Behav-027 include:

Example 1

File Information

Size: 2.4M
SHA-1: 0356d5eec56c8105a7b7412aeb94bbfe03f0b35b
MD5: 4c63dc91922ecb25a7f17a72d0ea4ad0
CRC-32: 7dd66ae3
File type: application/x-ms-dos-executable
First seen: 2012-04-10

Runtime Analysis

Dropped Files
  • C:\bin\Trainer.log
    Size: 70
    SHA-1: 30653524ab9fa089d3b3e4dc54f657a6adbf00f2
    MD5: 839edc8eeda0901a03b1a1e9ead4a5a2
    CRC-32: e75e13a6
    File type: application/octet-stream
    First seen: 2012-04-11

Example 2

File Information

Size: 144K
SHA-1: 172df8c62f09704964e8c2dfa116eabb7cbbe588
MD5: 1dc30990fa4e572ab7591fac12ac2b2e
CRC-32: d09b5d6a
File type: application/x-ms-dos-executable
First seen: 2011-02-18

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\~DF7D1B.tmp
    Size: 16K
    SHA-1: d2eaf7ac78d6b74589957e4ef863829ce88cf595
    MD5: ff3c863c54e8189287d2fb5da650bf1f
    CRC-32: ca2bca10
    File type: Microsoft OLE2 file format
    First seen: 2011-02-20

Example 3

File Information

Size: 28K
SHA-1: 2d65c88ed3fcad6a82c453362d74458673423c52
MD5: 8f7c791039230c72ef9df3e7c27a344e
CRC-32: 8743523b
File type: application/x-ms-dos-executable
First seen: 2012-03-11

Runtime Analysis

Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    AppInit_DLLs
Processes Created
  • c:\docume~1\support\locals~1\temp\vdtex899.pif
HTTP Requests
  • http://ccur.kr/css/count.asp
  • http://dkt.ventojlw.com/cc.txt
  • http://fot.dginbftg.com/cc.txt
  • http://stompmusic.com/m/down.exe
  • http://stompmusic.com/m/m309.exe
DNS Requests
  • ccur.kr
  • dkt.ventojlw.com
  • fot.dginbftg.com
  • stompmusic.com
