Troj/Matsnu-BF

Category: Viruses and Spyware Protection available since:16 May 2014 19:41:13 (GMT)
Type: Trojan Last Updated:16 May 2014 19:41:13 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Matsnu-BF exhibits the following characteristics:

File Information

Size
49K
SHA-1
23f29bf6a68f99e00bf91fddd49ea96c23c927d4
MD5
b7761d828af10624cfb491af6fa807b9
CRC-32
e5409896
File type
Windows executable
First seen
2014-05-16

Other vendor detection

Avira
TR/Matsnu.efx1

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\~38344545.tmp
    Size
    4
    SHA-1
    0bb09567af10ed98b19d30c92754e19c979fbce8
    MD5
    bad47958f36b8a2a95b932129fd2478c
    CRC-32
    e444f992
    File type
    A small file (too small to be malicious)
    First seen
    2014-03-12
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    wwulmjep
    c:\Documents and Settings\test user\Application Data\Afloece\bwucmjep.exe
Processes Created
  • c:\docume~1\support\locals~1\temp\etbsbfxmhe.pre
  • c:\windows\system32\svchost.exe
DNS Requests
  • kubol-service.com

download Try Sophos products for free
Download now