Troj/Spy-ACK

Category: Viruses and Spyware
Protection available since: 13 Mar 2014 12:04:55 (GMT)
Type: Trojan
Last Updated: 13 Mar 2014 12:04:55 (GMT)
Prevalence: Small Number of Reports


Troj/Spy-ACK exhibits the following characteristics:

File Information

Size: 844K
SHA-1: 526f0fb9bb4dbc6f8c697a3a58471b6ff518d61b
MD5: 3ebbec596529129851251dce2dd12a0c
CRC-32: 3898e11a
File type: Windows executable
First seen: 2014-03-11

Other vendor detection

Avira: TR/Krypt.TE

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Size: 216
    SHA-1: a4749011b1433dbeab5fbda69fafbe7420548c4c
    MD5: c1013b3d84e30574004bee0eee860832
    CRC-32: b46e8296
    File type: Unspecified binary - probably data
    First seen: 2014-03-13
  • c:\Documents and Settings\test user\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Size: 53K
    SHA-1: db88a832074cf222b498eef018e2b4a056456f93
    MD5: f44363d23cd082c1a99eb91d33e1c927
    CRC-32: 1b37c2c8
    File type: Microsoft CAB archive
    First seen: 2014-03-12
  • c:\Documents and Settings\test user\Local Settings\Temp\test_item.exe
    Size: 44K
    SHA-1: eb8da058953ea3987b3191118210665ff987d413
    MD5: 87d516f59fd0be2f3bc5b5f1a12f44c5
    CRC-32: eed2db38
    File type: Windows executable
    First seen: 2014-03-11
Modified Files
  • %PROFILE%\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004
  • %PROFILE%\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    sidebar
    "C:\WINDOWS\explorer.exe"
Processes Created
  • c:\windows\explorer.exe
HTTP Requests
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
DNS Requests
  • www.download.windowsupdate.com
