Troj/Mdrop-CXE

Category:	Viruses and Spyware	Protection available since:	09 Sep 2010 02:12:33 (GMT)
Type:	Trojan	Last Updated:	09 Sep 2010 17:31:34 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Mdrop-CXE include:

Example 1

File Information

Size: 308K
SHA-1: 5678f3150040be5bfbec26057b2b027526e2f905
MD5: 6b1ec3d80fb53bb932fb286270f02587
CRC-32: 42ddc81d
File type: application/x-ms-dos-executable
First seen: 2010-09-05

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Application Data\nvsvc1024.dll
c:\Documents and Settings\test user\Application Data\calc.exe

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
USR8321ID
□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□

Processes Created

c:\windows\system32\cmd.exe

Example 2

File Information

Size: 309K
SHA-1: a976b91815c46484fec2f4a226ba3c3c4d2db7e0
MD5: 8267f065cb873f608cd3f1504d83a7aa
CRC-32: a177fe73
File type: application/x-ms-dos-executable
First seen: 2010-08-16

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Application Data\calc.exe
c:\Documents and Settings\test user\Application Data\nvsvc1024.dll

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
USR8321ID
bs423

Processes Created

c:\windows\system32\cmd.exe

Example 3

Other vendor detection

Avira: ADSPY/Adware.Gen
Kaspersky: Trojan.Win32.Agent.aqmq

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Application Data\nvsvc1024.dll
c:\Documents and Settings\test user\Application Data\calc.exe

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
USR8321ID
bs3

Processes Created

c:\windows\system32\cmd.exe

Try Sophos products for free
Download now

Troj/Mdrop-CXE

Example 1

File Information

Runtime Analysis

Dropped Files

Registry Keys Created

Processes Created

Example 2

File Information

Runtime Analysis

Dropped Files

Registry Keys Created

Processes Created

Example 3

Other vendor detection

Runtime Analysis

Dropped Files

Registry Keys Created

Processes Created

Free Mac Anti-Virus

Popular topics