Troj/LiteCoin-B

Category: Viruses and Spyware Protection available since:25 Sep 2013 01:58:50 (GMT)
Type: Trojan Last Updated:25 Sep 2013 01:58:50 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/LiteCoin-B include:

Example 1

File Information

File type
Windows executable

Other vendor detection

Avira
TR/Kazy.174452.2

Runtime Analysis

Registry Keys Modified
  • HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell
    C:\WINDOWS\explorer.exe, c:\test_item.exe
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\reg.exe

Example 2

File Information

File type
Windows executable

Other vendor detection

Avira
TR/Agent.743424.15

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\memtest.exe
Dropped Files
  • C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
  • C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
  • c:\Documents and Settings\test user\Local Settings\Temp\wdisplay.exe
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell
    C:\WINDOWS\explorer.exe, c:\Documents and Settings\test user\Local Settings\Temp\wdisplay.exe
Processes Created
  • c:\Documents and Settings\test user\local settings\temp\memtest.exe
  • c:\Documents and Settings\test user\local settings\temp\wdisplay.exe
  • c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\reg.exe
DNS Requests
  • litecoinpool.org

download Try Sophos products for free
Download now