Troj/Agent-ACFL

Category: Viruses and Spyware Protection available since:15 Jun 2013 02:09:35 (GMT)
Type: Trojan Last Updated:15 Jun 2013 02:09:35 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Agent-ACFL include:

Example 1

File Information

Size
310K
SHA-1
385d3b387e4fbffb967e4b228aad53af51f75394
MD5
eb5e65f6df59c5476f0c0a0e1bb3cbd2
CRC-32
5f76a218
File type
Windows executable
First seen
2013-06-14

Runtime Analysis

Dropped Files
  • C:\bin\_detached.exe
    Size
    243K
    SHA-1
    3be67ac50b8f537f0ee3996b025883f58d8e6f01
    MD5
    9ac8b44c89dcef05b747a4dd7ab6d7e6
    CRC-32
    669f9532
    File type
    Windows executable
    First seen
    2007-08-02
  • C:\Program Files\HAL\Uninstall.ini
    Size
    1.5K
    SHA-1
    e5ad5710f630d12413e0a003a7063331781ff8d9
    MD5
    4b5e217eeae988f172aa71d3e41dd346
    CRC-32
    2eabb454
    File type
    Configuration Data File (generic)
    First seen
    2013-06-14
  • C:\Program Files\HAL\Uninstall.exe
    Size
    73K
    SHA-1
    95b11e75cad32a9f4559c54b02e40e0ff1d568c4
    MD5
    7f42e2908d0e7fc225fc30d736046048
    CRC-32
    94044707
    File type
    Windows executable
    First seen
    2013-04-27
  • C:\bin\_reg.vbs
    Size
    178
    SHA-1
    c769a9df0d67a41e139f93656dcaac37912b5661
    MD5
    91340f12dc8ed8dd62615dbd9d702e38
    CRC-32
    e838e8a2
    File type
    Visual Basic Script
    First seen
    2013-06-14
  • c:\Documents and Settings\test user\Desktop\HAL.lnk
    Size
    1.5K
    SHA-1
    96ba9ad248375e0dc77b24113af7b37d00e13004
    MD5
    585417781bec0c512d66c75bee4cac6e
    CRC-32
    25f0d559
    File type
    Windows Shortcut file (.LNK)
    First seen
    2013-06-14
  • C:\Program Files\HAL\HAL.exe
    Size
    143K
    SHA-1
    bd6a9e7988403b82613d5cac934c21d7e06a8935
    MD5
    bf9383f8a4033ee441003a05aa8dbd2d
    CRC-32
    5968e997
    File type
    Windows executable
    First seen
    2013-06-14
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HAL
    NoRepair
    0x00000001
Processes Created
  • c:\bin\_detached.exe
HTTP Requests
  • http://update.bithal.com/updateinfo-1.0.1.xml
  • http://update.hal.obeono.com/updateinfo-1.0.1.xml
DNS Requests
  • update.bithal.com
  • update.hal.obeono.com

Example 2

File Information

Size
178
SHA-1
c769a9df0d67a41e139f93656dcaac37912b5661
MD5
91340f12dc8ed8dd62615dbd9d702e38
CRC-32
e838e8a2
File type
Visual Basic Script
First seen
2013-06-14

download Try Sophos products for free
Download now