Mal/Dorf-F

Category:	Viruses and Spyware	Protection available since:	31 Oct 2007 22:55:16 (GMT)
Type:	Malicious behavior	Last Updated:	22 Mar 2009 21:35:35 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/Dorf-F include:

Example 1

File Information

Size: 54K
SHA-1: 2a2b38c3d54404b9213b58e7df91748e22f20ecd
MD5: 6dea7cd5cd7b0ec57a6fcbe9d0855a1d
CRC-32: e4b9ae91
File type: application/x-ms-dos-executable
First seen: 2010-12-03

Other vendor detection

Avira: TR/Crypt.ZPACK.Gen

Runtime Analysis

Copies Itself To

C:\WINDOWS\system32\tlxlt.exe

Registry Keys Created

HKCU\Software\Microsoft\Internet Explorer\Main
TabProcGrowth
0x00000000

Example 2

File Information

Size: 59K
SHA-1: 484c1706cd0bcde4b431fcb644e6520a52510cf7
MD5: 710b80007aefa4e8df00b5e98ccd6f66
CRC-32: d891b863
File type: application/x-ms-dos-executable
First seen: 2011-03-05

Runtime Analysis

Copies Itself To

C:\WINDOWS\system32\lxajt.exe

Registry Keys Created

HKCU\Software\Microsoft\Internet Explorer\Main
TabProcGrowth
0x00000000

Example 3

File Information

Size: 54K
SHA-1: 5a4a9567b40bb41c1bc124ed4b9d48288daecb05
MD5: ac8f3270666430755dd95ea0cd19a279
CRC-32: c262bec1
File type: application/x-ms-dos-executable
First seen: 2011-01-04

Other vendor detection

Avira: TR/Crypt.ZPACK.Gen
Kaspersky: Trojan-GameThief.Win32.Magania.efwt

Runtime Analysis

Copies Itself To

C:\WINDOWS\system32\jvhms.exe

Registry Keys Created

HKCU\Software\Microsoft\Internet Explorer\Main
TabProcGrowth
0x00000000

Try Sophos products for free
Download now