Examples of Mal/Swizzor-H include:
Example 1
Runtime Analysis
Dropped Files
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\modern-header.bmp
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\FavoritES.rtf
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\modern-wizard.bmp
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\header_LP.bmp
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\FavoritIT.rtf
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\FavoritEN.rtf
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\System.dll
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\FavoritFR.rtf
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\nsDialogs.dll
- c:\Documents and Settings\test user\Local Settings\Temp\nsw4.tmp\FavoritDE.rtf
Registry Keys Created
- HKLM\SOFTWARE\Live-Player
- dl_lg
- IT
- HKCU\Software\Live-Player
- dl_lg
- IT
Example 2
File Information
- Size
- 419K
- SHA-1
- 00291c52ae66b2f04cfe4183c8c0de07158eecda
- MD5
- ecab505e58b601c861baa1f6da3a206b
- CRC-32
- a04e056a
- File type
- application/x-ms-dos-executable
- First seen
- 2011-02-20
Example 3
File Information
- Size
- 879K
- SHA-1
- 002b49ef02f01e8995b0180198b54a0533f8b0de
- MD5
- bd4a3aa2d5d1cde394e40e0d7966c8a5
- CRC-32
- 0cd7b627
- File type
- application/x-ms-dos-executable
- First seen
- 2011-02-25