Troj/Agent-XYK

Category:	Viruses and Spyware	Protection available since:	27 Sep 2012 09:35:36 (GMT)
Type:	Trojan	Last Updated:	27 Sep 2012 09:35:36 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-XYK exhibits the following characteristics:

File Information

Size: 760K
SHA-1: 032ea55994627899b792fd44a800732af35b40c7
MD5: 05d841167a46fe43125ce83b8f6c1246
CRC-32: dd5b9301
File type: Windows executable
First seen: 2012-08-27

Other vendor detection

Avira: TR/Crypt.CFI.Gen
Kaspersky: HEUR:Trojan.Win32.Generic

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Local Settings\Temp\~DF345D.tmp
Size
32K
SHA-1
049ba36f38945632a13d7c474a612fcc54ba57fa
MD5
c0a6c1966b71bbdbd0ac3a4a26516ad0
CRC-32
59bf0e63
File type
Microsoft OLE2 file format
First seen
2011-08-18

Registry Keys Created

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012012082720120828
CacheRepair
0x00000000
HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
Name
iexplore.exe

Registry Keys Modified

HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
ID
0x48025225

Processes Created

c:\windows\explorer.exe

HTTP Requests

http://s.ytimg.com/yt/cssbin/www-core-vflFEEvc3.css
http://s.ytimg.com/yt/cssbin/www-marketing-vfltvMWNa.css
http://s.ytimg.com/yt/cssbin/www-the-rest-vflNb6rAI.css
http://s.ytimg.com/yt/img/marketing/browsers/chrome-vflbrSn5t.png
http://s.ytimg.com/yt/img/marketing/browsers/firefox-vflkT4oSN.png
http://s.ytimg.com/yt/img/marketing/browsers/ie8-vflwnFMag.png
http://s.ytimg.com/yt/img/marketing/browsers/mr-meh-vflAEr4Cy.png
http://s.ytimg.com/yt/img/marketing/browsers/safari-vflIOoRbM.png
http://s.ytimg.com/yt/img/no_videos_140-vfl5AhOQY.png
http://s.ytimg.com/yt/img/pixel-vfl3z5WfW.gif
http://s.ytimg.com/yt/img/refresh/horizontal_rule-vflnwaP_x.png
http://s.ytimg.com/yt/imgbin/www-dividers-vflkSTcwN.png
http://s.ytimg.com/yt/imgbin/www-refresh-vflYuQdZF.png
http://s.ytimg.com/yt/imgbin/www-refreshbg-vflC3wnbM.png
http://s.ytimg.com/yt/jsbin/www-core-vflXbNOgS.js
http://www.youtube.com/
http://www.youtube.com/supported_browsers
http://www.youtube.com/watch

DNS Requests

s.ytimg.com
www.caixadourada.sitebrasil.org
www.youtube.com

Try Sophos products for free
Download now

Security Goals

INDUSTRIES & SECTORS

COMPANY SIZE

PRODUCT FEATURES

CASE STUDIES

Company Overview

Our People

INNOVATIVE TECHNOLOGY

ALERT SERVICES

Product Features

Product Families

Complete Security

PRODUCTS BY NAME

Free Tools

Next Steps

RESOURCES

FIND AN ANSWER

Support by Product

Maintain your Product

Hire an Expert

WHAT'S POPULAR

THREAT ANALYSIS

THREAT STATISTICS

WHAT'S POPULAR

Threat Definitions

THREAT MONITORING

SECURITY HUBS

LIBRARY

Whats Popular

WHAT'S NEW

Community

IT SECURITY TRAINING

ANATOMY OF AN ATTACK

RESELLER PARTNERS

Managed Service Providers

SYSTEM INTEGRATORS

OEM and Technology

WHAT'S POPULAR

Troj/Agent-XYK

File Information

Other vendor detection

Runtime Analysis

Dropped Files

Registry Keys Created

Registry Keys Modified

Processes Created

HTTP Requests

DNS Requests

Free Mac Anti-Virus

Popular topics