Troj/Agent-YVY exhibits the following characteristics:
File Information
- Size
- 386K
- SHA-1
- af84b8f0821e050e2bf6e066527927185688b06c
- MD5
- a26e282e17075058c2fecdd5beb2572b
- CRC-32
- 1b8b7749
- File type
- Windows executable
- First seen
- 2012-11-16
Other vendor detection
- Avira
- TR/Dropper.Gen
Runtime Analysis
Registry Keys Created
- HKLM\SOFTWARE\PDF
- nck
- □?□□□□□□□`w□P□□□t□□□□□g□
- HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}
- stubpath
- C:\WINDOWS\system32\system32\ser.exe s
- HKCU\Software\PDF
- plg1
- □D□□□□0'□p_□□□□□□□□□□P□□□5□□X□□□□□□□@□□□□□@O□□□□□]□□□□□□□□□□□□□□□□@□□0□□□i□□p□P□□0^□□v□`b□□□□□z□□□□`□□□□□□V□□□□□□□□N□□□□0□□□□□□C□□□□0{□□□□0,□p□□p□□□|□`r□□□□□□□□□□ *□□□□□□□□\□□□□□S□p□□□'□□k□□□□p□□□□□ □□□>□□□□0□□□□□□E□ □□ □□□□□□□□□□□□□□`□□@□□0□□0□□□□□□□□PD□`□□0□□p^□pN□□8□□□□□□□□N□@□□Pd□ D□P=□ □□□□□□□□□□□P□□□□□□□□ps□□□□ 8□0□□@□□@0□□V□P!□p□□□*□□z□□□□0□□□□□@□□□□□@□□□□□□^□□M□@□□□t□□@□`:□□Z□□A□
DNS Requests