Examples of Mal/Behav-214 include:
Example 1
File Information
- Size
- 21K
- SHA-1
- 3c8fe368eb7b4767ce88f90da7c77c2b72a563e6
- MD5
- cf943153cb094ee8c2fa2ebf21d20abb
- CRC-32
- 2d2d6991
- File type
- application/x-ms-dos-executable
- First seen
- 2010-08-18
Runtime Analysis
Dropped Files
- c:\Documents and Settings\test user\Local Settings\Temp\3602.tmp
- Size
- 17K
- SHA-1
- 53241bc3e0d222c92bbfea86c5822acde03e8d4f
- MD5
- fe09a9eaf475d3912e5881458dd410f1
- CRC-32
- 647f7411
- File type
- application/x-ms-dos-executable
- First seen
- 2010-08-20
Processes Created
- c:\windows\system32\cmd.exe
- c:\windows\system32\sc.exe
Example 2
File Information
- Size
- 32K
- SHA-1
- 6001596d339824c4331ccea3a4002993c89af43e
- MD5
- dc07b0892ae9b474216b7258e7373f24
- CRC-32
- 954fda64
- File type
- application/x-ms-dos-executable
- First seen
- 2011-03-24
Runtime Analysis
Dropped Files
- C:\WINDOWS\system32\dxe.dat
- Size
- 500
- SHA-1
- 2419758d018553f50ac663300b2ae3eaa3109439
- MD5
- 010444c3d4c7ca22655bffd15555f18c
- CRC-32
- f637270b
- File type
- application/octet-stream
- First seen
- 2011-03-03
- C:\WINDOWS\dinput8.dll
- c:\Documents and Settings\test user\Local Settings\Temp\lzg.tmp
- C:\WINDOWS\system32\dinput8_.dll
- c:\Documents and Settings\test user\Local Settings\Temp\lzg1.tmp
- c:\Documents and Settings\test user\Local Settings\Temp\dx2.tmp
Processes Created
- c:\windows\system32\cmd.exe
- c:\windows\system32\rundll32.exe
Example 3
File Information
- Size
- 17K
- SHA-1
- 612a29f6ddd3da403e66805c0f1b167f9f0836ce
- MD5
- 81c91bfb7cd10fac32848ef8bd77b84a
- CRC-32
- d1dffc8a
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-07
Runtime Analysis
Dropped Files
- C:\WINDOWS\system32\d3d9.dll.dat
- Size
- 1.7M
- SHA-1
- 59f351b5535f654ce728da417fb8b3dec73233d3
- MD5
- 0829f54e308650be43f38b29f13a0ee2
- CRC-32
- 4cf65717
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-07
Processes Created
- c:\windows\system32\cmd.exe