Troj/Agent-ACII

Category: Viruses and Spyware
Protection available since: 22 Jun 2013 15:28:50 (GMT)
Type: Trojan
Last Updated: 22 Jun 2013 15:28:50 (GMT)
Prevalence: Small Number of Reports


Troj/Agent-ACII exhibits the following characteristics:

File Information

Size: 267K
SHA-1: d37ab66a3f475a30c8a639ebc31c227a890fa5f5
MD5: ec15b62c1be76273341c20d06f7ef64c
CRC-32: b013e7e7
File type: Windows executable
First seen: 2013-06-21

Runtime Analysis

Registry Keys Created
  • HKCU\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32
    (Default)
    C:\RECYCLER\S-1-5-21-1202660629-1454471165-1275210071-1003\$8b2e7cc03175028b9a2b805595885191\n.
  • HKCU_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32
    (Default)
    C:\RECYCLER\S-1-5-21-1202660629-1454471165-1275210071-1003\$8b2e7cc03175028b9a2b805595885191\n.
Registry Keys Modified
  • HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32
    (Default)
    C:\RECYCLER\S-1-5-18\$8b2e7cc03175028b9a2b805595885191\n.
HTTP Requests
  • http://j.maxmind.com/app/geoip.js
  • http://www.e-zeeinternet.com/count.php
IP Connections
DNS Requests
  • j.maxmind.com
