Troj/Stringy-B

Category: Viruses and Spyware Protection available since:05 Apr 2013 22:40:08 (GMT)
Type: Trojan Last Updated:05 Apr 2013 22:40:08 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Stringy-B include:

Example 1

File Information

Size
25M
SHA-1
005c781789f0f3c3c4458d96ca21e3f63c8b3f8a
MD5
cd6deb9a88d27d9217696a7931feaa3c
CRC-32
fee14f36
File type
application/x-ms-dos-executable
First seen
2013-04-05

Runtime Analysis

IP Connections
  • 61.176.218.11:443

Example 2

File Information

Size
220K
SHA-1
08d193ba953f2e5cec8d9ced2baba252c918856e
MD5
22f44f72f24c69fcb3a07af596dc06ea
CRC-32
77763aa1
File type
application/x-ms-dos-executable
First seen
2013-04-05

Example 3

File Information

Size
54K
SHA-1
1bae6615254a3784d384193d5c0098af19e59ed8
MD5
b06a119d180185841c67526686f685ee
CRC-32
b750f312
File type
Windows executable
First seen
2011-06-28

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\Temp\s15825.dat
Dropped Files
  • C:\Program Files\Common Files\odbc.nls
    Size
    25M
    SHA-1
    38e5ae811ec36b6247a53cf2bd674c5465583fed
    MD5
    1a2f872a199565a23aea8b7d168dc8d6
    CRC-32
    788a3bc2
    File type
    Windows executable
    First seen
    2011-06-28
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\Spooler
    Start
    0x00000002
Processes Created
  • c:\windows\system32\spoolsv.exe

download Try Sophos products for free
Download now