Troj/Banloa-QN

Category: Viruses and Spyware
Protection available since: 26 Sep 2013 07:07:43 (GMT)
Type: Trojan
Last Updated: 26 Sep 2013 07:07:43 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/Banloa-QN include:

Example 1

File Information

Size: 520K
SHA-1: 556eaf1f0466f494182fec43aafa0dc60ee2a518
MD5: 46efc575e3b8a03188d237eaf21b230d
CRC-32: 143b9e86
File type: Windows executable
First seen: 2013-09-25

Runtime Analysis

Copies Itself To
  • C:\Image3D89.scr
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    PhotoShop
    C:\Image3D89.scr
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    AutoConfigURL
    http://www.orcycle.be/administrator/components/com_virtuemart/html/config.jsp
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable
    0x0000001
DNS Requests
  • www.rpsengenharia.com.br

Example 2

File Information

Size: 232K
SHA-1: 5de28f407e9e866b5b393347644a381ec5ef2992
MD5: a3f71d5c5aef2ded555e20c760f19853
CRC-32: 6e07a784
File type: Windows executable
First seen: 2013-09-25

Runtime Analysis

Copies Itself To
  • C:\Image3D89.scr
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    AutoConfigURL
    http://www.orcycle.be/administrator/components/com_virtuemart/html/config.jsp
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    PhotoShop
    C:\Image3D89.scr
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable
    0x0000001
DNS Requests
  • www.rpsengenharia.com.br
