Troj/Dloadr-DCS

Category:	Viruses and Spyware	Protection available since:	01 Sep 2010 14:37:12 (GMT)
Type:	Trojan	Last Updated:	01 Sep 2010 14:37:12 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Example behaviours of Troj/Dloadr-DCS follow:

Example 1

File Information

Size: 85K
SHA-1: 54054625dfc144164e658dde9d785f8abd21de84
MD5: 862c8bc96aab10bf65b125e0154700bb
CRC-32: b57fe967
File type: application/x-ms-dos-executable
First seen: 2010-09-01

Other vendor detection

Avira: TR/Dldr.Delphi.Gen

Example 2

File Information

Size: 85K
SHA-1: 1c49594377fd4038f27335ed8c24a815524728ce
MD5: 149385e024516f74a68f3103b8c1c156
CRC-32: 9f8d6453
File type: application/x-ms-dos-executable
First seen: 2010-09-01

Runtime Analysis

Dropped Files

C:\Documents and Settings\support\Local Settings\Temp\Acr5D99.tmp
Size
112K
SHA-1
1cd775b878a4172d9751636349509781ce0f8c0e
MD5
22efc3c426052ebb4727a90b1a8ffa7f
CRC-32
9589bb8c
First seen
2010-08-12
C:\Documents and Settings\support\Local Settings\Temp\Acr5D9A.tmp
Size
358
SHA-1
a07b38fd4dbe8aa3d9eed1c85935efc9bbbfc25b
MD5
be81ef3d36b84698cfc5d0501c76fc14
CRC-32
926e6e16
File type
application/pdf
First seen
2010-09-01

Processes Created

c:\program files\adobe\reader 8.0\reader\acrord32.exe
c:\program files\internet explorer\iexplore.exe
c:\windows\explorer.exe

HTTP Requests

http://www.irs.gov/pub/irs-pdf/f941.pdf

DNS Requests

www.irs.gov

Try Sophos products for free
Download now