Troj/Agent-OQN

Category: Viruses and Spyware Protection available since:09 Sep 2010 13:37:33 (GMT)
Type: Trojan Last Updated:09 Sep 2010 13:37:33 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-OQN exhibits the following characteristics:

File Information

Size
308K
SHA-1
88561a86a27f646a012bdd2f44350dfa0dff4ac7
MD5
cea76005b9e2d59864fd23c46806d07e
CRC-32
1b2abfce
File type
application/x-ms-dos-executable
First seen
2010-09-08

Runtime Analysis

Registry Keys Created
  • HKEY_USERS\S-1-5-20_Classes\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKCR\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKCU\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    2f 39 20 f3 92 06 44 47 b6 27 f3 35 e6 67 82 67
  • HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    2f 39 20 f3 92 06 44 47 b6 27 f3 35 e6 67 82 67
  • HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    2f 39 20 f3 92 06 44 47 b6 27 f3 35 e6 67 82 67
  • HKCU\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKEY_USERS\S-1-5-20\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKEY_USERS\S-1-5-18\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKEY_USERS\S-1-5-19\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    2f 39 20 f3 92 06 44 47 b6 27 f3 35 e6 67 82 67
  • HKEY_USERS\S-1-5-20\Software\Classes\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main
    XMLHTTP_UUID_Default
    2f 39 20 f3 92 06 44 47 b6 27 f3 35 e6 67 82 67
  • HKCU_Classes\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKCU\Software\Classes\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}
  • HKCR\CLSID\{F320392F-0692-4744-B627-F335E6678267}\InprocServer32
    (Default)
    c:\test_item.dll
  • HKEY_USERS\S-1-5-19_Classes\Software\Zghypcxhle\CLSID
    (Default)
    {e431c5c7-a73c-4e30-9cfa-c1e3279e7c09}

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy