Troj/Mdrop-FGE

Category: Viruses and Spyware
Protection available since: 27 Jul 2013 02:58:57 (GMT)
Type: Trojan
Last Updated: 27 Jul 2013 02:58:57 (GMT)
Prevalence: Small Number of Reports


Troj/Mdrop-FGE exhibits the following characteristics:

File Information

Size: 126K
SHA-1: ba089f199b52e3eeeabdc18766f59b2ba855bf62
MD5: d1b04ae7b11598434ceb3c16e15b08d9
CRC-32: 17067dfd
File type: Windows executable
First seen: 2011-07-14

Other vendor detection

Avira: TR/Rogue.1136686

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\Local Settings\Temp\ccyaoer.bat
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
    30367
    C:\DOCUME~1\ALLUSE~1\LOCALS~1\Temp\ccyaoer.bat
Processes Created
  • c:\windows\system32\wuauclt.exe
IP Connections
  • 8.8.4.4:53
DNS Requests
  • pacifista.ru
  • restless.su
  • www.update.microsoft.com
