Troj/MSIL-GL

Category: Viruses and Spyware Protection available since:26 Sep 2013 07:07:43 (GMT)
Type: Trojan Last Updated:26 Sep 2013 07:07:43 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/MSIL-GL include:

Example 1

File Information

Size
9.0K
SHA-1
909adccc94577a76ebd283ce7227be0db42b4dc2
MD5
4c2786a5faafc0b67de339fe4ed27d8d
CRC-32
c55c2f20
File type
Windows executable
First seen
2013-09-22

Example 2

File Information

Size
448K
SHA-1
a16081f5c33b0a95cdc8a6231164bf06378860fa
MD5
0c364920056f4bee9cfcd8394bee1458
CRC-32
00d8c4be
File type
Windows executable
First seen
2013-09-25

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Microsoft\Windows\winhv.exe
Dropped Files
  • c:\Documents and Settings\test user\Application Data\Microsoft\Windows\HdAudio.exe
    Size
    9.0K
    SHA-1
    909adccc94577a76ebd283ce7227be0db42b4dc2
    MD5
    4c2786a5faafc0b67de339fe4ed27d8d
    CRC-32
    c55c2f20
    File type
    Windows executable
    First seen
    2013-09-22
  • c:\Documents and Settings\test user\Application Data\Logs\25-09-2013
    Size
    380
    SHA-1
    ac1caabc78b7f032e6eaa035fd8b5e48b1d9e0d0
    MD5
    d252bad335841ed7c7e2c8b93335bd69
    CRC-32
    079389d3
    File type
    Unspecified binary - probably data
    First seen
    2013-09-25
Processes Created
  • c:\Documents and Settings\test user\application data\microsoft\windows\hdaudio.exe
  • c:\windows\microsoft.net\framework\v2.0.50727\applaunch.exe
  • c:\windows\system32\cmd.exe
DNS Requests
  • milano99.no-ip.org

download Try Sophos products for free
Download now