Troj/Bckdr-ROU exhibits the following characteristics:
File Information
- Size
- 89K
- SHA-1
- 53805fdf6ab1ce492e40829a6a049a3b9f361ab5
- MD5
- 22f20c03ba8c7c97c7082468ec3eb5a0
- CRC-32
- c37d7b35
- File type
- Windows executable
- First seen
- 2012-12-02
Other vendor detection
- Avira
- WORM/Rbot.Gen
- Kaspersky
- HEUR:Trojan.Win32.Generic
Runtime Analysis
Copies Itself To
- C:\WINDOWS\system32\CAliveService.exe
Registry Keys Created
- HKLM\SYSTEM\CurrentControlSet\Services\CWindows Test My Test 1.0
- Description
- CThis is Windows Test My Test Server 1.0
- HKLM\SYSTEM\CurrentControlSet\Services\CWindows Test My Test 1.0\Enum
- NextInstance
- 0x00000001
- HKLM\SYSTEM\CurrentControlSet\Services\CWindows Test My Test 1.0\Security
- Security
- □□□@□□□□□□□□□□□□□□@□□□□□□□□□□□ □□□□□□□□□□□ □□@□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□@□□□□□□□□@□□□□□ □□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□@□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□0□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□ □□□□□
Processes Created
- c:\windows\system32\caliveservice.exe
- c:\windows\system32\cmd.exe
DNS Requests