Troj/Agent-ONA

Category: Viruses and Spyware Protection available since:04 Sep 2010 00:03:46 (GMT)
Type: Trojan Last Updated:04 Sep 2010 00:03:46 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Agent-ONA include:

Example 1

File Information

Size
228K
SHA-1
0048b57cc1e563714c3a24c3ff80de59d669cae8
MD5
e2c7ca15165f0ce773962104f2aca10e
CRC-32
84a217ac
File type
application/x-ms-dos-executable
First seen
2010-09-03

Other vendor detection

Avira
TR/Crypt.ZPACK.Gen

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\IOTL2YTXSGNJ.EXE
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\IOTL2ZPLA.EXE
    Size
    24K
    SHA-1
    7a9617c36d0e8bfccf87f2029c1c94f55b6f9d13
    MD5
    de391ae2ca3b678b5c6472b3e5c6ac08
    CRC-32
    2bb3f202
    File type
    application/x-ms-dos-executable
    First seen
    2010-09-03
  • C:\WINDOWS\system32\72283225\tst
Processes Created
  • c:\docume~1\support\locals~1\temp\iotl2ytxsgnj.exe
  • c:\docume~1\support\locals~1\temp\iotl2zpla.exe

Example 2

File Information

Size
438K
SHA-1
19ee1059b2b7e1cedb2cdaf39cb8c98184a349d9
MD5
dde2859b064b73fc0b4265c0989c789a
CRC-32
6c08d828
File type
application/x-ms-dos-executable
First seen
2010-09-03

Other vendor detection

Avira
TR/Dropper.Gen

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\~DF95A0.tmp
    Size
    224K
    SHA-1
    c2ffe1ecc942ce6bc87484d9d5c9447448d72693
    MD5
    7f824fbb226f2c36e642f0f55c2e7f64
    CRC-32
    e9b82b51
    File type
    application/octet-stream
    First seen
    2010-09-03
  • C:\WINDOWS\system32\72283225\tst
  • c:\Documents and Settings\test user\Local Settings\Temp\IOTL30G2A.EXE
    Size
    24K
    SHA-1
    7a9617c36d0e8bfccf87f2029c1c94f55b6f9d13
    MD5
    de391ae2ca3b678b5c6472b3e5c6ac08
    CRC-32
    2bb3f202
    File type
    application/x-ms-dos-executable
    First seen
    2010-09-03
  • c:\Documents and Settings\test user\Local Settings\Temp\IOTL2ZJJSGNJ.EXE
    Size
    228K
    SHA-1
    0048b57cc1e563714c3a24c3ff80de59d669cae8
    MD5
    e2c7ca15165f0ce773962104f2aca10e
    CRC-32
    84a217ac
    File type
    application/x-ms-dos-executable
    First seen
    2010-09-03
Processes Created
  • c:\docume~1\support\locals~1\temp\iotl2zjjsgnj.exe
  • c:\docume~1\support\locals~1\temp\iotl30g2a.exe

Example 3

File Information

Size
2.5K
SHA-1
24af6ec292ed944b2baf97e07d2d070642d3ef16
MD5
7ff11e71a5564557aa3a36ea56234541
CRC-32
c94103db
File type
application/x-ms-dos-executable
First seen
2010-09-03

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy