Mal/GrayBird-B

Category: Viruses and Spyware Protection available since:23 Apr 2008 10:04:13 (GMT)
Type: Malicious behavior Last Updated:23 Apr 2008 10:04:13 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/GrayBird-B include:

Example 1

File Information

Size
1.4M
SHA-1
001c9b8aeb671a6403584b50790929049f0998a2
MD5
1e3e5c12b79a789c5598205c65b4c7bd
CRC-32
1cd4a7b3
File type
application/x-ms-dos-executable
First seen
2011-01-05

Example 2

File Information

Size
284K
SHA-1
003c92f4f87d864b013829f332c90fe1d224832c
MD5
9fbaa0e32108a58af16394e14d00bd35
CRC-32
ffb78cc1
File type
application/x-ms-dos-executable
First seen
2010-08-20

Example 3

Other vendor detection

Avira
BDS/Hupigon.Gen
Kaspersky
Backdoor.Win32.Hupigon.ahvo
Trend
Mal_HPGN-3

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\Hacker.com.cn.exe
Registry Keys Created
  • HKLM\SYSTEM\CurrentControlSet\Services\GrayPigeon_Hacker.com.cn
    ImagePath
    C:\WINDOWS\Hacker.com.cn.exe
  • HKLM\SYSTEM\CurrentControlSet\Services\GrayPigeon_Hacker.com.cn\Enum
    NextInstance
    0x00000001
Processes Created
  • c:\windows\system32\cmd.exe

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy