Troj/Injecto-CS

Category: Viruses and Spyware Protection available since:20 Nov 2013 13:07:54 (GMT)
Type: Trojan Last Updated:20 Nov 2013 13:07:54 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Injecto-CS exhibits the following characteristics:

File Information

Size
110K
SHA-1
029add507ba16355836449a6b615ee432221ca6e
MD5
fcf228dbf91b33c070f6101e6a3bc30f
CRC-32
c9276669
File type
Windows executable
First seen
2013-11-20

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\yahoo.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    cf0f912aa87fb87dd09d7a961213c3f7
    "c:\Documents and Settings\test user\Application Data\yahoo.exe" ..
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    cf0f912aa87fb87dd09d7a961213c3f7
    "c:\Documents and Settings\test user\Application Data\yahoo.exe" ..
  • HKCU\Environment
    SEE_MASK_NOZONECHECKS
    1
Processes Created
  • c:\Documents and Settings\test user\application data\yahoo.exe
  • c:\windows\system32\netsh.exe
DNS Requests
  • youtubee12.sytes.net

download Try Sophos products for free
Download now