Troj/MSIL-OK

Category: Viruses and Spyware Protection available since:31 Mar 2014 09:20:54 (GMT)
Type: Trojan Last Updated:31 Mar 2014 09:20:54 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/MSIL-OK exhibits the following characteristics:

File Information

Size
1.8M
SHA-1
2edec0e58edb1b944965fae09e9c6235a90c4db5
MD5
a63d2a94bb30d6926360933b13af5291
CRC-32
63024e9b
File type
application/x-ms-dos-executable
First seen
2014-03-29

Other vendor detection

Avira
TR/Kazy.358982

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\qislg.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\ESENT\Process\sample\DEBUG
    Trace Level
  • HKLM\SOFTWARE\Microsoft\ESENT\Process\qislg\DEBUG
    Trace Level
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    qislg
    c:\Documents and Settings\test user\Local Settings\Temp\qislg.exe -w
Processes Created
  • c:\Documents and Settings\test user\local settings\temp\qislg.exe
HTTP Requests
  • http://www.aol.com/
  • http://www.google.bg/
  • http://www.google.com/
DNS Requests
  • www.aol.com
  • www.google.bg
  • www.google.com

download Try Sophos products for free
Download now