Troj/Malit-DC

Category: Viruses and Spyware
Protection available since: 05 May 2014 15:51:59 (GMT)
Type: Trojan
Last Updated: 05 May 2014 18:01:15 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/Malit-DC include:

Example 1

File Information

Size
33M
SHA-1
928a84873a899c2a1606002ac12fdf18008b8e5c
MD5
fcce18e4d73aa886852898695210a9f0
CRC-32
4874c686
File type
ASCII text / 8-bit Unicode Transformation Format
First seen
2014-04-25

Example 2

File Information

Size
921K
SHA-1
ba49b61b34b62ebaf2759ff44f91b1f231c3b0ab
MD5
09bda8ea0268d550d0fc3e5f9c5e3ecf
CRC-32
921a72c6
File type
Windows executable
First seen
2014-04-25

Other vendor detection

Avira
DR/AutoIt.Gen

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\3i31325y7869qvm\YDEQPRMW.exe
  • c:\Documents and Settings\test user\3i31325y7869qvm\uutfmuav.PER
    Size
    148
    SHA-1
    72d8bdc251efe76325450013a1c40f6a64d6f2a7
    MD5
    1a48dabf6a21c1be3c0f87eee6b5736f
    CRC-32
    ed6b0f17
    File type
    Configuration Data File (generic)
    First seen
    2014-04-25
  • c:\Documents and Settings\test user\3i31325y7869qvm\run.vbs
    Size
    97
    SHA-1
    49735c90ebae73cfc82216f1ec72ffe9f4d3e219
    MD5
    a7bff9deeed3b94564cefeaeb606ceb6
    CRC-32
    5314e3bb
    File type
    Visual Basic Script
    First seen
    2014-04-25
  • c:\Documents and Settings\test user\3i31325y7869qvm\49156.cmd
    Size
    81
    SHA-1
    15a9120b27c76ce90ecceb33060a5696661f9972
    MD5
    4c385167d1d9473423f674d084d49c4a
    CRC-32
    4569cd27
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-25
  • c:\Documents and Settings\test user\3i31325y7869qvm\QyyKMbVbRUwH.AYF
    Size
    33M
    SHA-1
    928a84873a899c2a1606002ac12fdf18008b8e5c
    MD5
    fcce18e4d73aa886852898695210a9f0
    CRC-32
    4874c686
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-25
  • c:\Documents and Settings\test user\3i31325y7869qvm\47508.vbs
    Size
    181
    SHA-1
    3243054decbb978c0461dd02eaaecd896dcbab0c
    MD5
    e40da028af90e59e4ffa09ef6dbc166c
    CRC-32
    ac25ffa2
    File type
    Visual Basic Script
    First seen
    2014-04-25
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\start.lnk
    Size
    771
    SHA-1
    fd69bce782ad3f015459dbde71d0fc5599152797
    MD5
    67c5df82277cad318b20879a7bdcfc27
    CRC-32
    b26feb76
    File type
    Windows Shortcut file (.LNK)
    First seen
    2014-04-25
  • c:\Documents and Settings\test user\3i31325y7869qvm\udQzKLU.MFU
    Size
    252K
    SHA-1
    fcad8e28d0fda43a1d3392991bf60e470a4a48be
    MD5
    7472611b04ac6f3fa29ab7b23ce44596
    CRC-32
    934d3102
    File type
    Unspecified binary - probably data
    First seen
    2014-04-25
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    3i31325y7869qvm
    C:\DOCUME~1\support\3i31325y7869qvm\47508.vbs
Processes Created
  • c:\Documents and Settings\test user\3i31325y7869qvm\ydeqprmw.exe
DNS Requests
  • joeinstein.no-ip.biz
