Troj/Agent-AASM

Category: Viruses and Spyware Protection available since:31 Mar 2013 14:46:15 (GMT)
Type: Trojan Last Updated:31 Mar 2013 14:46:15 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-AASM exhibits the following characteristics:

File Information

Size
235K
SHA-1
2fc76c6a503fc5df46cde60bfe64ad82c25553f0
MD5
7a7b9543390888ef1b79b6bbfe65a477
CRC-32
2672b99a
File type
application/x-ms-dos-executable
First seen
2013-03-31

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\system32\kznytwg.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\yOLE
    Supports RAS Connections
    kznytwg.EXE
  • HKCU\Software\Microsoft\yOLE
    Supports RAS Connections
    kznytwg.EXE
  • HKCU\SYSTEM\CurrentControlSet\Control\Lsa
    Supports RAS Connections
    kznytwg.EXE
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
    Supports RAS Connections
    kznytwg.EXE
  • HKLM\SYSTEM\CurrentControlSet\Control\Lsa
    Supports RAS Connections
    kznytwg.EXE
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
    Supports RAS Connections
    kznytwg.EXE
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Supports RAS Connections
    kznytwg.EXE
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Supports RAS Connections
    kznytwg.EXE
Processes Created
  • c:\windows\system32\kznytwg.exe
DNS Requests
  • videos.p0rn-lover.us

download Try Sophos products for free
Download now