Troj/Celdro-Gen

Category:	Viruses and Spyware	Protection available since:	10 Sep 2010 18:18:04 (GMT)
Type:	Trojan	Last Updated:	10 Sep 2010 18:18:04 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Summary

Troj/Celdro-Gen is a Trojan that attempts to drop further files, sometimes injecting them into other processes.

Examples of Troj/Celdro-Gen include:

Example 1

File Information

Size: 65K
SHA-1: 4a7ff8b4f7f589a715f4b9b948badb8565a21981
MD5: d14bc0e57f3db80bdda9855d70836755
CRC-32: 9f9736a1
File type: application/x-ms-dos-executable
First seen: 2010-09-10

Other vendor detection

Avira: HEUR/Malware

Runtime Analysis

Copies Itself To

C:\WINDOWS\system\LZEXQAND.exe

Dropped Files

C:\WINDOWS\system32\dp1aysvc.exe
Size
28K
SHA-1
885470f340f3e714ea0ed769f15098dd070acd76
MD5
e41e8838ae9689419a9e11bb56a02419
CRC-32
36873384
File type
application/x-ms-dos-executable
First seen
2010-09-10

Example 2

File Information

Size: 116K
SHA-1: 89a4bc5cafaec80a61c6ecf20f4c8fc8e4d27f03
MD5: e355569bd95e1873b8ff081dceedecb5
CRC-32: c6254655
File type: application/x-ms-dos-executable
First seen: 2010-09-05

Other vendor detection

Avira: TR/ATRAPS.Gen

Runtime Analysis

Copies Itself To

C:\WINDOWS\system\LZEXQAND.exe

Dropped Files

C:\WINDOWS\system32\dp1aysvr.exe

Example 3

File Information

Size: 81K
SHA-1: efab48c2d4268544c5e66fec51d231a103236cc2
MD5: f301e7ced349b3e7e5921448775762b7
CRC-32: 3d266265
File type: application/x-ms-dos-executable
First seen: 2010-09-10

Other vendor detection

Avira: TR/Spy.Gen

Runtime Analysis

Dropped Files

C:\WINDOWS\system32\MSIE.dll
Size
48K
SHA-1
d0434e9ae0672b6e446ccc4cce090f91b85ee2bf
MD5
fb8a307d4f9427705e31de53b68b3cfd
CRC-32
121af407
File type
application/x-ms-dos-executable
First seen
2010-09-10

Try Sophos products for free
Download now