Troj/Bredo-AFB

Category: Viruses and Spyware
Protection available since: 28 Jan 2013 17:00:28 (GMT)
Type: Trojan
Last Updated: 28 Jan 2013 17:00:28 (GMT)
Prevalence: Small Number of Reports

Troj/Bredo-AFB exhibits the following characteristics:

File Information

Size: 111K
SHA-1: 217348c0d1c5db2eed0193a46ef161a8acb6fc8c
MD5: d2fdaf1e0f07f5dc6c638f0103fa26b7
CRC-32: 2e9dc205
File type: Windows executable
First seen: 2013-01-28

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\153546.exe
    Size: 156K
    SHA-1: e910775e8dee0abf7ffdffedce1248921e686e4c
    MD5: 779ba927cfb93ad1b7863d20a80d85e3
    CRC-32: 5ab44900
    File type: Windows executable
    First seen: 2013-01-28
  • c:\Documents and Settings\test user\Local Settings\Temp\152234.exe
    Size: 286K
    SHA-1: f278728f454450199be84ab7daa537ad4efb6888
    MD5: 6e707070243aaaa2ebbadba8e077f805
    CRC-32: 5fcc8d9b
    File type: Windows executable
    First seen: 2013-01-28
Registry Keys Created
  • HKCU\Software\WinRAR
    779BA927CFB93AD1B7863D20A80D85E3
    tr□Pe□
HTTP Requests
  • http://colemanandassociates.ca/y5s.exe
  • http://nextspaceptc.netsons.org/BdEDW3L.exe
  • http://strategix.home.pl/t1NNXD.exe
DNS Requests
  • 13.tokoaksesoriskomputer.com
  • colemanandassociates.ca
  • nextspaceptc.netsons.org
  • strategix.home.pl
