Troj/Banker-FKG

Category: Viruses and Spyware Protection available since:28 Jan 2012 02:52:48 (GMT)
Type: Trojan Last Updated:28 Jan 2012 06:22:12 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Banker-FKG exhibits the following characteristics:

File Information

Size
44K
SHA-1
d9b7ac487b1360fc14370b3c198f38885c6c156c
MD5
617537e0bad1db63d76a0e006bc0ad7a
CRC-32
dca3b363
File type
application/x-ms-dos-executable
First seen
2012-01-28

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\system32\drivers\explorer.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Defender
    C:\WINDOWS\system32\drivers\explorer.exe
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    ValidateAdminCodeSignatures
    0x00000000
HTTP Requests
  • http://www.jagdzuerich.ch/images/Wildlernanhaengerr1.jpg
  • http://www.unibell.com.pe/archivos/lanosterinn.png
DNS Requests
  • www.jagdzuerich.ch
  • www.unibell.com.pe

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy