Examples of Troj/Agent-AABJ include:
Example 1
File Information
- Size
- 376K
- SHA-1
- 5ead7eec3373373e4141a717510e5b2a7b43f02f
- MD5
- 2cd9498b535d43d8dd72126bed190b72
- CRC-32
- 90f2b0f3
- File type
- Windows executable
- First seen
- 2013-02-11
Example 2
File Information
- Size
- 149K
- SHA-1
- fefa72a854292125f46700f9e2fdfb7802de698e
- MD5
- aaabb6b62b8bd40bb47a0a63742684a5
- CRC-32
- 13ad4eaf
- File type
- Windows executable
- First seen
- 2013-02-11
Other vendor detection
- Kaspersky
- HEUR:Trojan.Win32.Generic
Runtime Analysis
Registry Keys Created
- HKCU\Software\Piriform
- {89775F8E-69D8-D481-66A4-497EA2EDF109}
- □S□□□□□□□□□□`□□p□□□)□□B□□□□□□□□□□`□□□□□□K□□X□`9□□□□□□□PJ□Pv□□,□`□□`d□□□□□□□□:□P□□@□□□L□ □□po□□□□□F□□Y□p(□□*□□□□□□□@□□□□□0□□□F□□□□□□□`□□□□□□{□`□□@'□`W□□□□□□□□□□P□□□□□□□□□□□□□□ □□□□@□□□^□`□□□i□ □□□$□0□□□□□□l□□{□□□□□[□P7□□□□P□□□4□□S□□$□□□□□M□□i□□□□P□□□R□□□□□□□ □□0%□`□□□□□0□□□□□□□□□□□ □□□□□□J□□□□ □□`□□□□□□'□□□□□□□□T□0i□□N□□□□□:□□□□0□□□□□P□□□l□□2□□□□□□□P8□□□□`□□@□□p□□□~□`□□PA□□□□□□□@□□□□□□□□□"□□W□□□□□□□@□□`%□@]□`□□□L□□□□□□□□[□□□□@T□□□□□_□p□□0□□p8□@l□□□□□d□□□□□□□□□□□□□□□□□□□0□□□□□p□□p5□p□□ □□□□□□|□□!□@□□0□□P□□□R□□|□□'□□□□pU□`□□□□□ □□0□□`h□□T□0□□□□□□□□□<□□□□pd□□□□□□□0□□0>□@□□□m□0&□□W□□=□PX□`□□□□□□m□07□@*□P□□□□□□□□□m□□@□□2□□□□□□□□□□0>□□z□@:□P□□□z□PH□□□□□7□□□□@□□□o□□□□□□□□D□□'□□K□□S□□8□□□□`□□`□□□□□□V□0□□□□□□□□□□□@□□□K□□□□`□□□□□`k□`□□0□□□□□□□□□q□p*□P□□□□□ □□□(□□□□□□□ [... 8334 intervening characters ...] `□□□□□□1□PG□□R□□`□ □□□x□p□□□'□□E□p*□`□□@□□0□□□□□□m□□~□□[□□|□□□□□□□Pf□□m□□□□□□□□□□`□□`□□□1□`,□□G□□□□`□□`,□□!□0□□`□□□□□ [□P_□0□□□□□□□□□□□□□□□w□□x□`□□ □□@□□0v□□□□@z□□□□□t□PM□□□□□□□□□□□□□□□□□□□□#□
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- Piriform
- RU□□D□□L□02□□E□□E□□"□0:□□D□□c□Pm□Pn□@s□□a□□d□□S□Pt□@i□□g□0\□0u□□p□□r□@\□□o□0a□□ □0e□@t□□n□ps□□A□□p□□i□0a□@i□□n□□D□□t□□\□□i□ i□`o□ m□□u□□r□□e□□g□□.□@l□□"□□A□@I□□D□□a□p□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□
Processes Created
- c:\windows\system32\regsvr32.exe
- c:\windows\system32\rundll32.exe