Troj/Agent-ACVI

Category: Viruses and Spyware
Protection available since: 23 Jul 2013 14:09:53 (GMT)
Type: Trojan
Last Updated: 23 Jul 2013 16:24:48 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/Agent-ACVI include:

Example 1

File Information

Size: 364K
SHA-1: 907226500858caf773e86a737f8d70ce1177fc66
MD5: 6b06a5171c1dab270a906b9aa0652a98
CRC-32: 092a7aae
File type: Windows executable
First seen: 2013-07-23

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Muyfos\maoq.exe
    Size: 364K
    SHA-1: 7ce7889fbc57addef818b792c5c4073449008ee3
    MD5: 32c9b7a047f0c140c6c63ef7255a5ac0
    CRC-32: bc2f205e
    File type: Windows executable
    First seen: 2013-07-23
  • c:\Documents and Settings\test user\Local Settings\Application Data\uzfugu.yxa
    Size: 477
    SHA-1: a93f1a8339974ec9702502d5fd2a4eb485922c72
    MD5: ec1c1efc126e61c7a279c2b9256a2a45
    CRC-32: fe9d5d7b
    File type: Unspecified binary - probably data
    First seen: 2013-07-23
Registry Keys Created
  • HKCU\Identities
    Identity Login
    0x00098053
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Maoq
    "c:\Documents and Settings\test user\Application Data\Muyfos\maoq.exe"
  • HKCU\Software\Microsoft\Gubowoluweuv
    gjhe8ci
    □8□P□□□□□p□□□□□p\□
Processes Created
  • c:\Documents and Settings\test user\application data\muyfos\maoq.exe
IP Connections

Example 2

File Information

Size: 364K
SHA-1: e2e02a4686db4e4c38f928aab7f8f2d3abbfbef4
MD5: 2f4c3733c2fb5b704968add96d381a6a
CRC-32: 579a1306
File type: Windows executable
First seen: 2013-07-23
