Troj/Simda-AK

Category: Viruses and Spyware Protection available since:08 May 2013 22:34:36 (GMT)
Type: Trojan Last Updated:08 May 2013 22:34:36 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Simda-AK include:

Example 1

File Information

Size
719K
SHA-1
03a7a9498a67d5342ac4345c9104ce22fecd15e0
MD5
4ea6d379772b43a24242311a63937387
CRC-32
39f531ac
File type
Windows executable
First seen
2012-11-09

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\2.tmp
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2861B0F9-F1E8-4A1A-B9D5-08FB3E595B28}
    NameServer
    8.8.8.8,172.16.0.2
HTTP Requests
  • http://report.5q55c5s5e555eiq.com/
IP Connections
  • 46.105.131.121:80

Example 2

File Information

Size
719K
SHA-1
09a36a571e5554836c8009baabc1477498a23302
MD5
e42b0adc71a13e4d60d5b7391b0b5bdd
CRC-32
e130ec0c
File type
Windows executable
First seen
2012-11-10

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\2.tmp
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2861B0F9-F1E8-4A1A-B9D5-08FB3E595B28}
    NameServer
    8.8.8.8,172.16.0.2
HTTP Requests
  • http://report.17q3wsk3y7c31uo3.com/
IP Connections
  • 46.105.131.121:80

Example 3

File Information

Size
719K
SHA-1
0aa2ff6067a249596e2627bd5b0b3031cdaa4c6b
MD5
6d2eb101584deb7e92ceef98b741c79c
CRC-32
bcf93771
File type
Windows executable
First seen
2012-11-10

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\2.tmp
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2861B0F9-F1E8-4A1A-B9D5-08FB3E595B28}
    NameServer
    8.8.8.8,172.16.0.2
HTTP Requests
  • http://report.o93myw3uoce1a9k1y.com/
IP Connections
  • 46.105.131.121:80

download Try Sophos products for free
Download now