Troj/Agent-ACGC

Category: Viruses and Spyware
Protection available since: 17 Jun 2013 20:15:26 (GMT)
Type: Trojan
Last Updated: 17 Jun 2013 20:15:26 (GMT)
Prevalence: Small Number of Reports


Examples of Troj/Agent-ACGC include:

Example 1

File Information

Size
684K
SHA-1
4bfa0b8e814cc0e3d5d7722370f132fe2c76f46c
MD5
c862dfd89f06d6ca14e4e62fcea2165a
CRC-32
572f3a7f
File type
Windows executable
First seen
2013-06-14

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\JMQIE\settings.ini
    Size
    145
    SHA-1
    d8771edb0e78c03e8aac6837e40e3993aeefc1eb
    MD5
    a67e549aecbc4bd6aa8393db507947a4
    CRC-32
    5ee27225
    File type
    Configuration Data File (generic)
    First seen
    2013-06-14
  • c:\Documents and Settings\test user\JMQIE\761680.dat
    Size
    2.2M
    SHA-1
    b4e86ce223228e6a8a7c5144a1887661b4b72b55
    MD5
    c8dcaf332afe439d01f725d6e88f6e3e
    CRC-32
    3228a9f8
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-06-14
  • c:\Documents and Settings\test user\JMQIE\947514.dat
    Size
    26K
    SHA-1
    fd240f3d6e3267bdde4188cfbf355699d28db728
    MD5
    88268d5c19c259dd8d2bd532114828e3
    CRC-32
    3bd5c647
    File type
    Unspecified binary - probably data
    First seen
    2013-06-14
  • c:\Documents and Settings\test user\JMQIE\start.vbs
    Size
    207
    SHA-1
    7b28eae97b1ee8f119067e5ee759393f39029661
    MD5
    72e6599fd735a7f4ca0fed044b866a05
    CRC-32
    0e90d093
    File type
    Visual Basic Script
    First seen
    2013-06-14
  • c:\Documents and Settings\test user\JMQIE\972265.dat
    Size
    64K
    SHA-1
    9f148744456fc202cccb350c414d355251114058
    MD5
    244a444d19fd10ba900f5cab19569507
    CRC-32
    8d80f4fe
    File type
    Unspecified binary - probably data
    First seen
    2013-06-14
  • c:\Documents and Settings\test user\JMQIE\Autoit3.697973.exe
    Size
    733K
    SHA-1
    cae4e8c730de5a01d30aabeb3e5cb2136090ed8d
    MD5
    71d8f6d5dc35517275bc38ebcc815f9f
    CRC-32
    4aca8fdb
    File type
    Windows executable
    First seen
    2012-01-31
  • c:\Documents and Settings\test user\JMQIE\run.vbs
    Size
    65
    SHA-1
    212f242a908a12933ce5f1306e1af98d10514afd
    MD5
    130fbdbd04b34241621f4e5ab9fe7331
    CRC-32
    942bd8ef
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-06-14
  • c:\Documents and Settings\test user\JMQIE\start.cmd
    Size
    73
    SHA-1
    470989860f5b92e45f28f0f00835fcb6643a573e
    MD5
    4f28cb72b26a5a1a0899c9f0c4cd6f3d
    CRC-32
    cd863d98
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-06-14
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    JMQIE
    c:\Documents and Settings\test user\JMQIE\start.vbs
Processes Created
  • c:\Documents and Settings\test user\jmqie\autoit3.697973.exe
  • c:\windows\microsoft.net\framework\v4.0.30319\regsvcs.exe
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\mshta.exe
  • c:\windows\system32\taskkill.exe
  • c:\windows\system32\wscript.exe
IP Connections
  • 37.9.53.172:4421

Example 2

File Information

Size
2.2M
SHA-1
b4e86ce223228e6a8a7c5144a1887661b4b72b55
MD5
c8dcaf332afe439d01f725d6e88f6e3e
CRC-32
3228a9f8
File type
ASCII text / 8-bit Unicode Transformation Format
First seen
2013-06-14
