Examples of Troj/Obvod-Fam include:
Example 1
File Information
- Size
- 70K
- SHA-1
- 08fef2fbee7cbe7b76ef7008b40c63702be7f3c3
- MD5
- 58c57b57ea2da2783c4710ed38d9d688
- CRC-32
- ce27eeda
- File type
- application/x-ms-dos-executable
- First seen
- 2010-09-06
Other vendor detection
- Avira
- TR/Dropper.Gen
Example 2
File Information
- Size
- 70K
- SHA-1
- 366b0aac663d719176c365403d531cb50baa6e0f
- MD5
- 881a64645e6431f38df4974b5b2375fa
- CRC-32
- d90ec455
- File type
- application/x-ms-dos-executable
- First seen
- 2010-08-27
Other vendor detection
- Avira
- TR/Dropper.Gen
Runtime Analysis
Copies Itself To
- C:\Documents and Settings\All Users\Application Data\yvyq8TUV.exe
Registry Keys Created
- HKCU\Software\Microsoft\Internet Explorer\Main
- DisableScriptDebuggerIE
- yes
Processes Created
- c:\documents and settings\all users\application data\yvyq8tuv.exe
- c:\windows\system32\cmd.exe
IP Connections
- 188.72.230.30:53
- 83.133.119.139:53
DNS Requests
- 2246d083104beddd4574a5ea39638c6b641783aeab8f70e509.0.0.f2.twothousands.cm
- 2246d083104beddd4574a5ea39638c6b641783aeab8f70e509.pfi.twothousands.cm
- 2246d083104beddd4574a5ea39638c6b641783aeab8f70e509.pfim.twothousands.cm
Example 3
File Information
- Size
- 70K
- SHA-1
- 41799f7eb4f9371379aa88ef2d1b3951efda1c87
- MD5
- 7c36b4aafc9f002e854569fa7888e506
- CRC-32
- 94d0fe52
- File type
- application/x-ms-dos-executable
- First seen
- 2010-08-27