Troj/Agent-ZLT

Category:	Viruses and Spyware	Protection available since:	29 Dec 2012 13:35:22 (GMT)
Type:	Trojan	Last Updated:	29 Dec 2012 13:35:22 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Agent-ZLT include:

Example 1

File Information

Size: 679K
SHA-1: 32a20f0c45e5cfe56b1d304132865d1866ba026f
MD5: b95a0cac571bf4a247498e060e5fd85e
CRC-32: 5c77bfc1
File type: application/x-ms-dos-executable
First seen: 2012-12-29

Runtime Analysis

Copies Itself To

c:\Documents and Settings\test user\Local Settings\Temp\panmap.exe
c:\Documents and Settings\test user\Templates\explorer.exe

Dropped Files

c:\Documents and Settings\test user\Application Data\dclogs\2012-12-29-7.dc
Size
143
SHA-1
bb06a9dde93b65f63420ca5fbce333acfc71df25
MD5
4f5402a3ea3e712e1a1a1418b5025ba1
CRC-32
8fcb5692
File type
ASCII text / 8-bit Unicode Transformation Format
First seen
2012-12-29
c:\Documents and Settings\test user\Templates\CertPolEng.exe
Size
4.5K
SHA-1
8d82a6e78370a7c7920babb0ae55d8db8855c31a
MD5
e3b13ca37164560c995d5bbc95d57383
CRC-32
a8f5729a
File type
Windows executable
First seen
2012-12-19
c:\Documents and Settings\test user\Local Settings\Temp\Software\Products and Quotation.pdf
Size
42K
SHA-1
72a9ba69c73cb9430a5e8e5661f5f4b842197b78
MD5
a139d5bf9dd51341253c43326d40535f
CRC-32
5fb7b179
File type
Adobe Portable Document Format (PDF)
First seen
2012-09-26

Registry Keys Created

HKCU\Software\DC3_FEXEC
29/12/2012 at 07:27:50
{8683e91a-044e-11df-871e-806d6172696f-1612674719}
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Certificate Policy Engine
c:\Documents and Settings\test user\Templates\CertPolEng.exe

Processes Created

c:\Documents and Settings\test user\local settings\temp\panmap.exe
c:\Documents and Settings\test user\templates\certpoleng.exe
c:\Documents and Settings\test user\templates\explorer.exe
c:\program files\adobe\reader 8.0\reader\acrord32.exe
c:\windows\microsoft.net\framework\v2.0.50727\applaunch.exe

DNS Requests

chunkie.no-ip.biz

Example 2

File Information

Size: 4.5K
SHA-1: 8d82a6e78370a7c7920babb0ae55d8db8855c31a
MD5: e3b13ca37164560c995d5bbc95d57383
CRC-32: a8f5729a
File type: Windows executable
First seen: 2012-12-19

Try Sophos products for free
Download now

Security Goals

INDUSTRIES & SECTORS

COMPANY SIZE

PRODUCT FEATURES

CASE STUDIES

Company Overview

Our People

INNOVATIVE TECHNOLOGY

ALERT SERVICES

Product Features

Product Families

Complete Security

PRODUCTS BY NAME

Free Tools

Next Steps

RESOURCES

FIND AN ANSWER

Support by Product

Maintain your Product

Hire an Expert

WHAT'S POPULAR

THREAT ANALYSIS

THREAT STATISTICS

WHAT'S POPULAR

Threat Definitions

THREAT MONITORING

SECURITY HUBS

LIBRARY

Whats Popular

WHAT'S NEW

Community

IT SECURITY TRAINING

ANATOMY OF AN ATTACK

RESELLER PARTNERS

Managed Service Providers

SYSTEM INTEGRATORS

OEM and Technology

WHAT'S POPULAR

Troj/Agent-ZLT

Example 1

File Information

Runtime Analysis

Copies Itself To

Dropped Files

Registry Keys Created

Processes Created

DNS Requests

Example 2

File Information

Free Mac Anti-Virus

Popular topics