Mal/EncPk-SZ

Category: Viruses and Spyware Protection available since:01 Sep 2010 23:21:13 (GMT)
Type: Malicious behavior Last Updated:01 Sep 2010 23:21:13 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Example behaviours of Mal/EncPk-SZ follow:

Example 1

File Information

Size
722K
SHA-1
ec9d17be232e6e0201c2cc39352605e0bfcfc9ea
MD5
8e4c348f487111572c7cedac3ad82ced
CRC-32
9a7839e9
File type
application/x-ms-dos-executable
First seen
2010-06-30

Runtime Analysis

Copies Itself To
  • C:\Program Files\Common Files\Microsoft Shared\Source Engine\nov
Registry Keys Created
  • HKLM\SYSTEM\CurrentControlSet\Services\360safeca......ok\Enum
    Count
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
    99999
    <path of original sample>
  • HKLM\SYSTEM\CurrentControlSet\Services\360safeca......ok
    ErrorControl
    0x00000000

Example 2

File Information

Size
722K
SHA-1
2ef3f7c1dd12daf2516615843432d227d10110ad
MD5
f1cb7389e48d1ac2a772ac184d224428
CRC-32
9ec5178b
File type
application/x-ms-dos-executable
First seen
2010-06-30

Runtime Analysis

Copies Itself To
  • C:\Program Files\Common Files\Microsoft Shared\Source Engine\omoon
Registry Keys Created
  • HKLM\SYSTEM\CurrentControlSet\Services\360safeabc.......ok
    ErrorControl
    0x00000000
  • HKLM\SYSTEM\CurrentControlSet\Services\360safeabc.......ok\Enum
    Count
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
    99999
    <path of original sample>

Example 3

File Information

Size
722K
SHA-1
340236a718937dab0e6ff97152e35a60c04428f3
MD5
8d6fe05cff65abb790e36a4c3db1c0a8
CRC-32
b98dcc3e
File type
application/x-ms-dos-executable
First seen
2010-06-30

Runtime Analysis

Copies Itself To
  • C:\Program Files\Common Files\Microsoft Shared\Source Engine\mmlonlv
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup
    99999
    <path of original sample>
  • HKLM\SYSTEM\CurrentControlSet\Services\360safe.........ok\Enum
    Count
    0x00000001
  • HKLM\SYSTEM\CurrentControlSet\Services\360safe.........ok
    ErrorControl
    0x00000000

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy