Troj/Agent-AEUD

Category: Viruses and Spyware
Protection available since: 18 Nov 2013 17:47:00 (GMT)
Type: Trojan
Last Updated: 21 Nov 2013 20:25:17 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/Agent-AEUD include:

Example 1

File Information

Size: 378K
SHA-1: 029a0759b5f78d4aec95ec7184c91c835aa0c244
MD5: fea0c5ba3a9b3853136fff8723f787e0
CRC-32: e52d6ee5
File type: Windows executable
First seen: 2013-11-20

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Pyecal\ekogo.exe
    Size: 378K
    SHA-1: 080f381393aa254d1c74117f8d6ab0ef2789d1c5
    MD5: 97d79a46d2439df94a9324d177f80938
    CRC-32: 416de26b
    File type: Windows executable
    First seen: 2013-11-20
  • c:\Documents and Settings\test user\Local Settings\Application Data\jejup.ocx
    Size: 477
    SHA-1: ca9c774ada721a09fa52e7e095ecb8be17aa898d
    MD5: 06e952600ed08ff00adcdcab463c8a52
    CRC-32: e7d9d23c
    File type: Unspecified binary - probably data
    First seen: 2013-11-20
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Ekogo
    "c:\Documents and Settings\test user\Application Data\Pyecal\ekogo.exe"
  • HKCU\Identities
    Identity Login
    0x00098053
  • HKCU\Software\Microsoft\Evzouzw
    168bhja4
    =X□□□□ □□□J□□□□`□□
Processes Created
  • c:\Documents and Settings\test user\application data\pyecal\ekogo.exe
  • c:\windows\system32\cmd.exe
IP Connections

Example 2

File Information

Size: 378K
SHA-1: 031885b0ec545743a2d326cfba38880327d627e1
MD5: 56a311e4bb01c2ca1f3e66924ad9af8d
CRC-32: 84b572bd
File type: Windows executable
First seen: 2013-11-20

Example 3

File Information

Size: 378K
SHA-1: 1984f6d8a56db38b84f5d5689d6bde02ee2cc8b3
MD5: 9619706b19fc64754cdf566af0952d45
CRC-32: 205b83fd
File type: Windows executable
First seen: 2011-06-27
