Troj/Dloadr-DRN exhibits the following characteristics:
File Information
- Size
- 100K
- SHA-1
- 014fe37cd0b08936b54dabb2d44ca0901f741184
- MD5
- 31de2e1b48a8341c3732b97e61712a56
- CRC-32
- 04f0cdab
- File type
- Windows executable
- First seen
- 2013-03-05
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Application Data\KB00954719.exe
Registry Keys Created
- HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
- GlobalUserOffline
- 0x00000000
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- KB00954719.exe
- "c:\Documents and Settings\test user\Application Data\KB00954719.exe"
Processes Created
- c:\Documents and Settings\test user\application data\kb00954719.exe
- c:\windows\system32\cmd.exe
IP Connections
- 109.168.106.162:8080
- 141.219.153.206:8080
- 149.156.96.9:8080
- 161.246.35.117:8080
- 174.121.67.199:8080
- 174.143.234.138:8080
- 18.79.3.253:8080
- 188.138.96.241:8080
- 194.249.217.8:8080
- 194.97.99.120:8080
- 195.191.22.97:8080
- 202.29.5.195:8080
- 203.171.234.53:8080
- 209.17.186.246:8080
- 212.68.63.82:8080
- 213.214.74.5:8080
- 213.251.164.83:8080
- 31.3.103.101:8080
- 64.85.53.168:8080
- 72.251.206.90:8080
- 78.47.153.131:8080
- 82.100.228.130:8080
- 85.214.143.90:8080
- 88.119.156.20:8080
- 91.199.155.222:8080