Troj/Agent-ORE

Category:	Viruses and Spyware	Protection available since:	10 Sep 2010 14:40:01 (GMT)
Type:	Trojan	Last Updated:	10 Sep 2010 14:40:01 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Agent-ORE include:

Example 1

File Information

Size: 18K
SHA-1: 15fde578e9301ae3d89e4bff20f1f8f6d0698561
MD5: 2f8912cfb3659394dff987dc3c437076
CRC-32: 589db089
File type: application/x-ms-dos-executable
First seen: 2010-09-10

Other vendor detection

Avira: BDS/TDSS.akg

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Local Settings\Temp\3q7wS1e9.exe
Size
633
SHA-1
c129b474a3bd4bb0f3605a294bee5cc2c9237e6d
MD5
f7cfab11f6115c15a83036262efa917f
CRC-32
ea093c57
File type
text/html
First seen
2010-11-11

HTTP Requests

http://bolinstiz.com/dd.php

DNS Requests

bolinstiz.com

Example 2

File Information

Size: 18K
SHA-1: 41ce0af1296f715786f3c6ab0d3afd350ed46cf9
MD5: e86e278785a826bc8f4890154922cda6
CRC-32: b2bb3127
File type: application/x-ms-dos-executable
First seen: 2010-09-10

Other vendor detection

Avira: BDS/TDSS.akg
Kaspersky: Backdoor.Win32.TDSS.akg

Runtime Analysis

Dropped Files

C:\WINDOWS\system32\spool\prtprocs\w32x86\xQ3wSK31g9.dll
Size
18K
SHA-1
15fde578e9301ae3d89e4bff20f1f8f6d0698561
MD5
2f8912cfb3659394dff987dc3c437076
CRC-32
589db089
File type
application/x-ms-dos-executable
First seen
2010-09-10

Try Sophos products for free
Download now