Troj/Mdrop-FLW

Category: Viruses and Spyware Protection available since:05 Oct 2013 01:17:41 (GMT)
Type: Trojan Last Updated:05 Oct 2013 01:17:41 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Mdrop-FLW exhibits the following characteristics:

File Information

Size
4.0M
SHA-1
ccf46ce17c95d959ea96b922d01d2902ae085d44
MD5
3ec4e452c9fe2dfbcb8c8dbbb5e54860
CRC-32
963187a8
File type
Windows executable
First seen
2013-10-04

Runtime Analysis

Dropped Files
  • C:\users\public\Public Document\mk.qaz
    Size
    27
    SHA-1
    d7f3da809db901395724cc3de7acb7ac27bb0867
    MD5
    e06739d67e0aa3900ad9a131f66c6029
    CRC-32
    cc605969
    File type
    Base64 encoded
    First seen
    2013-09-30
  • C:\users\public\Public Document\unzip2.exe
    Size
    165K
    SHA-1
    f926e1418780ef086fd328d2d04a2b633a9fbb7c
    MD5
    600e1e9e2029b5f1891e60a3570f8b4b
    CRC-32
    e1d5c8b5
    File type
    Unspecified binary - probably data
    First seen
    2013-10-04
  • C:\users\public\Public Document\deca.bat
    Size
    281
    SHA-1
    e03f37bf7693156a4f3616188c6c0c84ce07d031
    MD5
    8b4d054da2f798660b58fdcdd98c56ae
    CRC-32
    64ead1c5
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-09-30
  • C:\users\public\Public Document\pic.pdf
    Size
    983
    SHA-1
    ac4b1157b23adf69a3503cda758f70922af06e5d
    MD5
    02681f4c6f03e6b97e23648b0b7e45c1
    CRC-32
    4a95b288
    File type
    Adobe Portable Document Format (PDF)
    First seen
    2013-07-13
  • C:\users\public\Public Document\stat.vbs
    Size
    110
    SHA-1
    eb548fedf849b3a0185892f63676977a0b81c678
    MD5
    edf55a1c4a9fe5edfec5c64932222986
    CRC-32
    18f9dd19
    File type
    Visual Basic Script
    First seen
    2013-08-26
  • C:\users\public\Public Document\bms.klm
    Size
    93
    SHA-1
    247ced1520b45ac0cae061b72ed3d8da15d0595a
    MD5
    051f6e13d4f7c6efbe352948e03ff8f0
    CRC-32
    81cb8b68
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-10-04
  • C:\users\public\Public Document\bare.zip
    Size
    3.2M
    SHA-1
    d0cc8cf7fc6711c81afa3938313f80b9e190897c
    MD5
    45e7a035fa1049806a828fe3cde07558
    CRC-32
    71acaebb
    File type
    Unspecified binary - probably data
    First seen
    2013-10-04
  • C:\users\public\Public Document\decp.exe
Processes Created
  • c:\program files\adobe\reader 8.0\reader\acrord32.exe
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\wscript.exe

download Try Sophos products for free
Download now