Troj/Inject-AHG

Category: Viruses and Spyware
Protection available since: 01 Apr 2013 04:25:56 (GMT)
Type: Trojan
Last Updated: 01 Apr 2013 04:25:56 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/Inject-AHG include:

Example 1

File Information

Size: 5.5K
SHA-1: 48bb506b48e4318b8d5b09f5c2e6644c4af815a7
MD5: fae00a811e01ae2eb37be2e7a62e9ef6
CRC-32: 1aa0cd34
File type: application/x-ms-dos-executable
First seen: 2013-03-31

Runtime Analysis

Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Flash2013
    c:\test_item.exe
HTTP Requests
  • http://shoppingprocon.com/update.php
DNS Requests
  • shoppingprocon.com

Example 2

File Information

Size: 179K
SHA-1: 52b2453738e98450f3220c8020381ab295573134
MD5: 0d9dbfdabfbc35b00c6c9d287acb2f00
CRC-32: 41352407
File type: application/x-ms-dos-executable
First seen: 2013-03-31

Runtime Analysis

Registry Keys Created
  • HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
    13853:TCP
    13853:TCP:*:Enabled:Remote Assistance Remote
  • HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
    Run
    C:\DOCUME~1\support\APPLIC~1\Fontcore\Fontcore.exe
Processes Created
  • c:\Documents and Settings\test user\application data\fontcore\fontcore.exe
  • c:\windows\explorer.exe

Example 3

File Information

Size: 208K
SHA-1: d6952bb1455dfefeb122e28e2652845550fb862b
MD5: 3cbfcf820d292eb51f0f296800c1d403
CRC-32: e314c219
File type: application/x-ms-dos-executable
First seen: 2013-03-31
