Troj/Mdrop-FAE

Category: Viruses and Spyware Protection available since:30 Apr 2013 09:27:14 (GMT)
Type: Trojan Last Updated:30 Apr 2013 09:27:14 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Mdrop-FAE exhibits the following characteristics:

File Information

Size
195K
SHA-1
f6c936367a706cd26e70829ea2bdde92e03afd50
MD5
ff2c9f85cad728973ddcdb6bbde1eb45
CRC-32
4f06680a
File type
Windows executable
First seen
2013-04-30

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Rryynnn\ffxxbvmu.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    vjkubvmu
    c:\Documents and Settings\test user\Application Data\Rryynnn\ffxxbvmu.exe
Processes Created
  • c:\docume~1\support\locals~1\temp\ntssllppjj.pre
  • c:\windows\explorer.exe
  • c:\windows\system32\ctfmon.exe
HTTP Requests
  • http://nvufvwieg.com/inbox.php
DNS Requests
  • nvufvwieg.com

download Try Sophos products for free
Download now