Troj/FakeAV-BSC exhibits the following characteristics:
File Information
- Size
- 238K
- SHA-1
- 5e2a68c27576545c1798a3bcb270eb43dce82e3a
- MD5
- 33717c8a89d1d19422ffa5dad6ad587c
- CRC-32
- 638e8884
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-07
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Local Settings\Application Data\lqsxfqwjt\ocjqdhjuqiw.exe
Registry Keys Created
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- cnblkdvg
- c:\Documents and Settings\test user\Local Settings\Application Data\lqsxfqwjt\ocjqdhjuqiw.exe
- HKCU\Software\Microsoft\Internet Explorer\Download
- RunInvalidSignatures
- 0x00000001
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- cnblkdvg
- c:\Documents and Settings\test user\Local Settings\Application Data\lqsxfqwjt\ocjqdhjuqiw.exe
- HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
- SaveZoneInformation
- 0x00000001
Registry Keys Modified
- HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
- LowRiskFileTypes
- .exe
- HKCU\Software\Microsoft\Internet Explorer\Download
- CheckExeSignatures
- no