Mal/EncPk-EK

Category:	Viruses and Spyware	Protection available since:	16 Aug 2008 16:26:56 (GMT)
Type:	Malicious behavior	Last Updated:	16 Aug 2008 16:26:56 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/EncPk-EK include:

Example 1

File Information

Size: 168K
SHA-1: 0398a0352b865b0474ed222d1430a3f34c6fc4c1
MD5: 9af4e1a4d484180d80fa1717c2544987
CRC-32: b2c78b62
File type: application/x-ms-dos-executable
First seen: 2010-12-08

Example 2

Runtime Analysis

Registry Keys Created

HKCR\CLSID\MADOWN
urlinfo
tml>
<head>
<title>aabb1122.com</title><script type="text/javascript" src="/js/general.js"></script><script type="text/javascript">ChkRequestEnc('YToyMjp7aTowO3M6MTk6IjIwMTEtMDItMTggMTk6MzQ6MzciO2k6MTtzOjc6IjEwMjExMTciO2k6MjtOO2k6MztzOjEwOiJSb29rSUUvMS4wIjtpOjQ7czoxMzoiL2ZtNC9oZWxwLnJhciI7aTo1O3M6MTQ6IjgwLjE5MC4xMTcuMTc4IjtpOjY7czoyOiIxMSI7aTo3O3M6MDoiIjtpOjg7czoxOiJhIjtpOjk7czoyOiJERSI7aToxMDtzOjE6Ii0iO2k6MTE7czoxOiItIjtpOjEyO3M6MjoiMTUiO2k6MTM7czoxMjoiYWFiYjExMjIuY29tIjtpOjE0O3M6Nzg6Imh0dHA6Ly□□|X□

HTTP Requests

http://www.aabb1122.com/fm4/help.rar

DNS Requests

www.aabb1122.com

Example 3

File Information

Size: 168K
SHA-1: 2b73b13af9945004de798b193741948ad79896e3
MD5: a44853c4710393cf556240a1dd8b6ec2
CRC-32: f30a957b
File type: application/x-ms-dos-executable
First seen: 2011-03-15

Try Sophos products for free
Download now