Troj/Mdrop-FKB

Category: Viruses and Spyware
Protection available since: 16 Sep 2013 12:04:42 (GMT)
Type: Trojan
Last Updated: 16 Sep 2013 12:04:42 (GMT)
Prevalence: Small Number of Reports


Troj/Mdrop-FKB exhibits the following characteristics:

File Information

Size: 684K
SHA-1: 2fe7b045cd6047550a10b077e0e85c1ba4108a42
MD5: 03042e05567a113ed7681f961ffd2c1f
CRC-32: 12021f23
File type: Windows executable
First seen: 2013-09-16

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\test_item.exe
Dropped Files
  • c:\Documents and Settings\test user\Application Data\test_item.exe
    Size: 2.0K
    SHA-1: fc5e83b0754b05750ed1955085b5e56721f9f77d
    MD5: 2ba6a855e65c4b0fe94beb45f477d0a0
    CRC-32: 98a364a9
    File type: Windows executable
    First seen: 2013-09-16
  • c:\Documents and Settings\test user\Local Settings\Temp\UtRWKCP86F.ini
  • c:\Documents and Settings\test user\Application Data\iexplorer.exe
    Size: 260K
    SHA-1: 15917bd98d3696010d41f59ca07f1b9683b06532
    MD5: 29bb2b95331005bb1c2c42faae97484e
    CRC-32: d890aa49
    File type: Windows executable
    First seen: 2013-09-01
Processes Created
  • c:\Documents and Settings\test user\application data\iexplorer.exe
  • c:\windows\microsoft.net\framework\v2.0.50727\ilasm.exe
HTTP Requests
  • http://awuruhktol.netau.net/index.php
DNS Requests
  • awuruhktol.netau.net
  • smtp.gmail.com
