Troj/Ransom-LH

Category: Viruses and Spyware Protection available since:05 Dec 2012 05:54:35 (GMT)
Type: Trojan Last Updated:05 Dec 2012 05:54:35 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Ransom-LH include:

Example 1

File Information

Size
91K
SHA-1
4684b10b302f5476206506d433cdcc83d640ccd3
MD5
a9b75ba33144632982920a368b836dc1
CRC-32
3f3df036
File type
Windows executable
First seen
2012-12-04

Runtime Analysis

Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    test_item.exe

Example 2

File Information

Size
119K
SHA-1
f20e1f8cf10269ea9a39b4a5f9c9a820117474fb
MD5
b62f86bd4594d83afc8e0dbae36b2b37
CRC-32
076ff25d
File type
Windows executable
First seen
2012-12-04

Runtime Analysis

Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    (Default)
    c:\test_item.exe
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication
    Name
    test_item.exe
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer
    CleanShutdown
    0x00000001
HTTP Requests
  • http://hmhimnknhp.fullpaper.info/get.php
IP Connections
  • 209.85.229.104:80
DNS Requests
  • hmhimnknhp.fullpaper.info

download Try Sophos products for free
Download now