Troj/DotNet-O

Category: Viruses and Spyware Protection available since:27 Sep 2013 21:42:51 (GMT)
Type: Trojan Last Updated:27 Sep 2013 21:42:51 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/DotNet-O exhibits the following characteristics:

File Information

Size
724K
SHA-1
1a090495e4736346f15593dc7cb4c2bacedaa182
MD5
416d08efb70751775cb4f8af82101921
CRC-32
42502ade
File type
Windows executable
First seen
2013-09-27

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\Win Update\Win Update.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\AppLunch\vbc.exe
  • c:\Documents and Settings\test user\Application Data\dclogs\2013-09-27-6.dc
    Size
    33
    SHA-1
    a2e123d2e494d4163480f2ba0919b0113dcd66a3
    MD5
    ee14c96ae5758bf458e3f7db3939c9c1
    CRC-32
    7279d28a
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-09-27
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Win Update
    c:\Documents and Settings\test user\Local Settings\Temp\Win Update\Win Update.exe
Processes Created
  • c:\Documents and Settings\test user\local settings\temp\applunch\vbc.exe
DNS Requests
  • annetavetian.zapto.org

download Try Sophos products for free
Download now