Troj/DwnLdr-LNN

Category: Viruses and Spyware Protection available since:05 May 2014 15:51:59 (GMT)
Type: Trojan Last Updated:07 May 2014 12:10:23 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/DwnLdr-LNN include:

Example 1

File Information

Size
58K
SHA-1
000519e681cc302dc99309687f44f9aaf973ebd2
MD5
95e79be5eb935d548ca1fe7a8aa9cef1
CRC-32
2630c31c
File type
Windows executable
First seen
2014-05-05

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\temp_cab_111953.cab
    Size
    6.0K
    SHA-1
    b83171382aaae42b06c4a622e43d979c3be62e0d
    MD5
    c9902e4b6e5030a43288081e012761d5
    CRC-32
    677640e4
    File type
    application/octet-stream
    First seen
    2014-04-30
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.gif
    Size
    5.9K
    SHA-1
    f90229e3554e0cf96a9fa18db8a1c4e187b438fc
    MD5
    4ac635d32ef0299eded2176bee0c6235
    CRC-32
    b72fa811
    File type
    image/gif
    First seen
    2014-04-30
Processes Created
  • c:\windows\system32\rundll32.exe
HTTP Requests
  • http://windowsupdate.microsoft.com/
DNS Requests
  • windowsupdate.microsoft.com

Example 2

File Information

Size
58K
SHA-1
0045d82403d3842cb39e3ace9a2440b4750b0623
MD5
08949f9416271fcdf275ecee51d19b4b
CRC-32
1216d13e
File type
Windows executable
First seen
2014-05-05

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\temp_cab_128906.cab
    Size
    6.0K
    SHA-1
    b83171382aaae42b06c4a622e43d979c3be62e0d
    MD5
    c9902e4b6e5030a43288081e012761d5
    CRC-32
    677640e4
    File type
    application/octet-stream
    First seen
    2014-04-30
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.gif
    Size
    5.9K
    SHA-1
    f90229e3554e0cf96a9fa18db8a1c4e187b438fc
    MD5
    4ac635d32ef0299eded2176bee0c6235
    CRC-32
    b72fa811
    File type
    image/gif
    First seen
    2014-04-30
Processes Created
  • c:\windows\system32\rundll32.exe
HTTP Requests
  • http://windowsupdate.microsoft.com/
DNS Requests
  • windowsupdate.microsoft.com

Example 3

File Information

Size
58K
SHA-1
00488de645c78f3583515cc9197230e611b1a988
MD5
196c095988b76db9d1d833b0dcb37ae6
CRC-32
3ef59a92
File type
application/x-ms-dos-executable
First seen
2014-05-07

Other vendor detection

Avira
TR/Dropper.VB.14880

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.gif
    Size
    5.9K
    SHA-1
    f90229e3554e0cf96a9fa18db8a1c4e187b438fc
    MD5
    4ac635d32ef0299eded2176bee0c6235
    CRC-32
    b72fa811
    File type
    image/gif
    First seen
    2014-04-30
  • c:\Documents and Settings\test user\Local Settings\Temp\temp_cab_114265.cab
    Size
    6.0K
    SHA-1
    b83171382aaae42b06c4a622e43d979c3be62e0d
    MD5
    c9902e4b6e5030a43288081e012761d5
    CRC-32
    677640e4
    File type
    application/octet-stream
    First seen
    2014-04-30
Processes Created
  • c:\windows\system32\rundll32.exe
HTTP Requests
  • http://windowsupdate.microsoft.com/
DNS Requests
  • windowsupdate.microsoft.com

download Try Sophos products for free
Download now