Troj/MSIL-AK

Category: Viruses and Spyware Protection available since:18 Nov 2012 13:17:42 (GMT)
Type: Trojan Last Updated:18 Nov 2012 13:17:42 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/MSIL-AK exhibits the following characteristics:

File Information

Size
235K
SHA-1
6542fd1af41c0185a190ddca69698a6f7f278856
MD5
d64b9635484a55d3fafee48eded698a3
CRC-32
e34bdde9
File type
Windows executable
First seen
2012-11-18

Other vendor detection

Avira
TR/Dropper.Gen
Kaspersky
HEUR:Trojan.Win32.Generic

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\svchost.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\PC - 18-11-2012-08.53.01.gif
    Size
    32K
    SHA-1
    7efb7558f28307e672333a3a0f2e5c2e5f7995dd
    MD5
    61ab2d5640ed8ab597dce7939f427942
    CRC-32
    faaeefff
    File type
    Graphic interchange format
    First seen
    2012-11-18
  • c:\Documents and Settings\test user\Local Settings\Temp\148a8f27-dafe-48c8-a423-0a09ff41c216\CliSecureRT.dll
    Size
    115K
    SHA-1
    cf1a51e6630dbc7e01f14c5b8d9a32577ed277e3
    MD5
    f0c046e12a7b74f16ed7dbb1c9223880
    CRC-32
    ace348d6
    File type
    Windows executable
    First seen
    2012-05-08
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    (Default)
    c:\Documents and Settings\test user\Application Data\svchost.exe
Processes Created
  • c:\Documents and Settings\test user\application data\svchost.exe
DNS Requests
  • smtp.comcast.net

download Try Sophos products for free
Download now

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information