Troj/MSILInj-R

Category: Viruses and Spyware Protection available since:03 Apr 2013 01:20:15 (GMT)
Type: Trojan Last Updated:03 Apr 2013 01:20:15 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/MSILInj-R exhibits the following characteristics:

File Information

Size
411K
SHA-1
cb9a093fa3061ccead07f0c35dbda323a0ba9468
MD5
86d8cd6fb359f5744ae847263fa93f0b
CRC-32
f3f290d8
File type
Windows executable
First seen
2013-04-02

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\tmp2.tmp.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\temp_THNOLGFVmu\vbc.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\ffGZc7MLOd.ini
    Size
    95
    SHA-1
    666de960c4e0ade29b7bfe89a589e7656a8b3f39
    MD5
    2d97367ea1b859a61f8f7a7b77873d86
    CRC-32
    e50020a3
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2012-08-17
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    1949069570.exe
    "c:\Documents and Settings\test user\Local Settings\Temp\tmp2.tmp.exe"
Processes Created
  • c:\Documents and Settings\test user\local settings\temp\temp_thnolgfvmu\vbc.exe
  • c:\Documents and Settings\test user\local settings\temp\tmp2.tmp.exe
HTTP Requests
  • http://davemetal.allalla.com/index.php
DNS Requests
  • davemetal.allalla.com

download Try Sophos products for free
Download now