Troj/Agent-AGRK

Category: Viruses and Spyware Protection available since:09 Apr 2014 16:10:27 (GMT)
Type: Trojan Last Updated:09 Apr 2014 16:10:27 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-AGRK exhibits the following characteristics:

File Information

Size
220K
SHA-1
6160c03743ea3dff4cfd98cc9d390fd30747e070
MD5
33d9d1ea39bded77c08a917a46b0ffab
CRC-32
11f98c0e
File type
Windows executable
First seen
2014-03-17

Runtime Analysis

Copies Itself To
  • C:\Default Folder\Default File.exe
  • c:\Documents and Settings\test user\Application Data\Default Folder\Default File.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\sample\test_item.exe
Dropped Files
  • c:\Documents and Settings\test user\Application Data\imlgs\17-03-2014
    Size
    281
    SHA-1
    33961ae8e73ed211a51c941a6aa8e3bcea36be8b
    MD5
    36dade905222ca602ff44a00d1749b1f
    CRC-32
    be1cd27b
    File type
    Unspecified binary - probably data
    First seen
    2014-03-06
  • c:\Documents and Settings\test user\Application Data\install.imp
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Default Key
    c:\Documents and Settings\test user\Application Data\Default Folder\Default File.exe
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\ping.exe
IP Connections
  • 1.1.1.1:
DNS Requests
  • ayool1.no-ip.org

download Try Sophos products for free
Download now