Troj/Kryptik-AJ

Category: Viruses and Spyware
Protection available since: 12 May 2013 05:09:34 (GMT)
Type: Trojan
Last Updated: 12 Jul 2013 23:51:05 (GMT)
Prevalence: Small Number of Reports


Examples of Troj/Kryptik-AJ include:

Example 1

File Information

Size: 34K
SHA-1: 0ed581018dd7a7faa494d4334652f62c12c26093
MD5: 0f95212df64486caad2736872bd8a9b1
CRC-32: 35c1a771
File type: Windows executable
First seen: 2013-05-16

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\aloogmgf.exe
Dropped Files
  • C:\sample.txt
Processes Created
  • c:\windows\system32\notepad.exe
  • c:\windows\system32\svchost.exe
IP Connections

Example 2

File Information

Size: 32K
SHA-1: 1b1f60f50a57104b70ce624aebfb3522e6bcaaec
MD5: 27a0a488bae4b1f81161f475a8f99561
CRC-32: 724c40ad
File type: Windows executable
First seen: 2013-05-12

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\hpjruhqj.exe
Dropped Files
  • C:\sample.txt
Processes Created
  • c:\windows\system32\notepad.exe
  • c:\windows\system32\svchost.exe
IP Connections

Example 3

File Information

Size: 31K
SHA-1: 27a5245537b37f76f376b115aace14fdaa17b08e
MD5: 5b2406d090bc53aa13cf4922bf3aa809
CRC-32: 4b99a892
File type: Windows executable
First seen: 2013-02-07

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\sudtuxxb.exe
Dropped Files
  • C:\sample.txt
Processes Created
  • c:\windows\system32\notepad.exe
  • c:\windows\system32\svchost.exe
IP Connections
