Troj/Mdrop-EYP

Category: Viruses and Spyware
Protection available since: 28 Mar 2013 14:08:27 (GMT)
Type: Trojan
Last Updated: 28 Mar 2013 14:08:27 (GMT)
Prevalence: Small Number of Reports


Troj/Mdrop-EYP exhibits the following characteristics:

File Information

Size: 425K
SHA-1: af36d54af02230e0f8a94b62b4b38cc9bc6dbb7f
MD5: 7841b6b7bfbbaee490102f27d08466ef
CRC-32: d03eca2f
File type: Windows executable
First seen: 2013-03-28

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\Java.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\3pkDMjx8GO.ini
    Size: 95
    SHA-1: 666de960c4e0ade29b7bfe89a589e7656a8b3f39
    MD5: 2d97367ea1b859a61f8f7a7b77873d86
    CRC-32: e50020a3
    File type: ASCII text / 8-bit Unicode Transformation Format
    First seen: 2012-08-17
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Java
    C:\DOCUME~1\support\LOCALS~1\Temp\Java.exe
HTTP Requests
  • http://icekillerz.allalla.com/index.php
DNS Requests
  • icekillerz.allalla.com
