Mal/VB-JS

Category:	Viruses and Spyware	Protection available since:	10 Sep 2010 00:13:28 (GMT)
Type:	Win32 worm	Last Updated:	10 Sep 2010 00:13:28 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/VB-JS include:

Example 1

File Information

Size: 158K
SHA-1: 040a39cb5c4abeb0db8943af8fd628c6589cc48b
MD5: 3737acfff45f6f81fe91495ebc8d922b
CRC-32: b2d460eb
File type: application/x-ms-dos-executable
First seen: 2010-08-19

Other vendor detection

Avira: TR/Dropper.Gen
Kaspersky: P2P-Worm.Win32.Palevo.atkl

Runtime Analysis

Modified Files

C:\RECYCLER
- Set the readonly flag

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Taskman
C:\RECYCLER\S-1-5-21-9845483089-8685204467-858023284-2159\test.exe

DNS Requests

betoortiz.info
soypolilla.com

Example 2

File Information

Size: 153K
SHA-1: 1f4375233d81f2caa6d70b57a6c07fb4b73b57ba
MD5: a83209de77f889e31cd5ef8671dd34e7
CRC-32: 67cf3177
File type: application/x-ms-dos-executable
First seen: 2010-08-21

Other vendor detection

Avira: TR/Dropper.Gen
Kaspersky: P2P-Worm.Win32.Palevo.atkl

Runtime Analysis

Modified Files

C:\RECYCLER
- Set the readonly flag

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Taskman
C:\RECYCLER\S-1-5-21-8883667161-4566067469-028150602-9502\test.exe

DNS Requests

symconempkr.com
wisetrize.com

Example 3

File Information

Size: 44K
SHA-1: 375f8a1f1adb7eff4ad91d16c5fee69cc839e3bd
MD5: ace7f5670e4eab0a23965a80dce865b9
CRC-32: eb9bb111
File type: application/x-ms-dos-executable
First seen: 2010-08-27

Other vendor detection

Avira: TR/Dropper.Gen
Kaspersky: P2P-Worm.Win32.Palevo.atkl

Try Sophos products for free
Download now