Examples of Troj/Katusha-BB include:
Example 1
File Information
- Size: 64K
- SHA-1: 0391214eeed2754e8bd45585b212f4f72eb86fad
- MD5: b69f17e59315345d715ef5c058468fe6
- CRC-32: dad9e464
- File type: Windows executable
- First seen: 2012-10-09
Runtime Analysis
Registry Keys Created
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
  - (Default): c:\test_item.exe
Registry Keys Modified
- HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
  - Name: test_item.exe
- HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer
  - CleanShutdown: 0x00000001
HTTP Requests
IP Connections
DNS Requests
- hmhimnknhp.my-files-download.ru
- hmhimnknhp.superhttp.info
Example 2
File Information
- Size: 39K
- SHA-1: 44dff69a0da1be1dd9db2f8a1bc2b3979693a0c3
- MD5: a424c1c659a65ea2b5be30993b749977
- CRC-32: aefe7204
- File type: Windows executable
- First seen: 2012-10-09