Troj/Agent-ADCG

Category: Viruses and Spyware
Protection available since: 07 Aug 2013 12:27:07 (GMT)
Type: Trojan
Last Updated: 07 Aug 2013 12:27:07 (GMT)
Prevalence: Small Number of Reports


Examples of Troj/Agent-ADCG include:

Example 1

File Information

Size: 302K
SHA-1: 4ea08ce7ba021134f4471e598f30da2da6149c70
MD5: fdca4cb5adf09c68b93084f959667273
CRC-32: 11a8aa17
File type: Windows executable
First seen: 2013-08-07

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Application Data\fypoq.ime
    Size: 477
    SHA-1: 0e1e49f174872f928203c7d0c076865b153777a1
    MD5: 702f1be00b0723c79c0a93860369cece
    CRC-32: 1c4a7f17
    File type: Unspecified binary - probably data
    First seen: 2013-08-07
  • c:\Documents and Settings\test user\Application Data\Ofycho\inruyq.exe
    Size: 302K
    SHA-1: dbb112b13d235a9abb4f2c0e48dd490823dd3ba8
    MD5: c59bfe9d696b396b8c92294e6530df5d
    CRC-32: bbb62165
    File type: Windows executable
    First seen: 2013-08-07
Registry Keys Created
  • HKCU\Identities
    Identity Login
    0x00098053
  • HKCU\Software\Microsoft\Ibcilaivifzy
    2d1604c4
    fJ□ H□□t□□/□□C□□N□□h□Pn□
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Inruyq
    "c:\Documents and Settings\test user\Application Data\Ofycho\inruyq.exe"
Processes Created
  • c:\Documents and Settings\test user\application data\ofycho\inruyq.exe
IP Connections

Example 2

File Information

Size: 302K
SHA-1: dbb112b13d235a9abb4f2c0e48dd490823dd3ba8
MD5: c59bfe9d696b396b8c92294e6530df5d
CRC-32: bbb62165
File type: Windows executable
First seen: 2013-08-07
