Examples of Troj/Agent-OOU include:
Example 1
File Information
- Size
- 96K
- SHA-1
- 677ded1cde63506c0037ddf6e19e8330aba67329
- MD5
- 37ab06f4cb6280fb41b2e930d0b43141
- CRC-32
- d7154760
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-01
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Local Settings\Temp\apiqq0.dll
Dropped Files
- c:\Documents and Settings\test user\Local Settings\Temp\apiqq.exe
- Size
- 153K
- SHA-1
- 81ebe055b9475142f4aedf9d710887e9d128015a
- MD5
- 2f48c328d3e99b41961d7199cc17cc2c
- CRC-32
- 9920cd3e
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-01
Registry Keys Created
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- api32
- C:\DOCUME~1\support\LOCALS~1\Temp\apiqq.exe
- HKCR\CLSID\MADOWN
- urlinfo
- dswwbmh.v
HTTP Requests
- http://www.baiduotr.com/1mg/am.rar
- http://www.baiduotr.com/1mg/am1.rar
DNS Requests
Example 2
File Information
- Size
- 153K
- SHA-1
- 81ebe055b9475142f4aedf9d710887e9d128015a
- MD5
- 2f48c328d3e99b41961d7199cc17cc2c
- CRC-32
- 9920cd3e
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-01
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Local Settings\Temp\apiqq.exe
Dropped Files
- c:\Documents and Settings\test user\Local Settings\Temp\apiqq0.dll
- Size
- 96K
- SHA-1
- 677ded1cde63506c0037ddf6e19e8330aba67329
- MD5
- 37ab06f4cb6280fb41b2e930d0b43141
- CRC-32
- d7154760
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-01
Registry Keys Created
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- api32
- C:\DOCUME~1\support\LOCALS~1\Temp\apiqq.exe
Processes Created
HTTP Requests
- http://www.baiduotr.com/1mg/am.rar
- http://www.baiduotr.com/1mg/am1.rar
DNS Requests