Troj/Nymaim-D

Category: Viruses and Spyware Protection available since:07 Apr 2014 12:16:33 (GMT)
Type: Trojan Last Updated:07 Apr 2014 12:16:33 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Nymaim-D exhibits the following characteristics:

File Information

Size
164K
SHA-1
3b5c1061b396351da6206120262aa4dadd50adf3
MD5
db8cf977b3346ddbcca8c1f633165139
CRC-32
44e0d086
File type
Windows executable
First seen
2007-09-09

Other vendor detection

Avira
TR/Crypt.ZPACK.61805

Runtime Analysis

Dropped Files
  • C:\WINDOWS\kulkc.shd
    Size
    576
    SHA-1
    2640191a9e63e1948c0d850f7657aa35ffce6c93
    MD5
    ead10ac7d97b500f4ae36704f43c9886
    CRC-32
    2c89efd6
    File type
    Unspecified binary - probably data
    First seen
    2014-04-07
Processes Created
  • c:\windows\system32\svchost.exe
IP Connections
  • 139.0.0.142:33816
  • 186.90.155.4:33816
  • 211.107.58.192:33816
  • 213.7.139.14:33816
  • 79.85.238.90:33816
  • 80.11.138.173:33816
  • 80.15.218.122:33816
  • 80.15.44.164:33816
  • 80.15.80.86:33816
  • 82.120.8.85:33816
  • 82.127.152.149:33816
  • 92.135.211.117:33816
  • 92.156.192.112:33816
  • 95.42.116.137:33816
  • 95.50.85.50:33816
DNS Requests
  • google.com
  • nexighnesd.ru

download Try Sophos products for free
Download now