Troj/Toasty-A

Category: Viruses and Spyware
Protection available since: 21 Jan 2013 16:48:16 (GMT)
Type: Trojan
Last Updated: 21 Jan 2013 16:48:16 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/Toasty-A include:

Example 1

File Information

Size: 208K
SHA-1: 012122b6a96ac32711a90e1d499cd1a98f292f8b
MD5: a0a82abd37891d58ae957e1fd940ab5a
CRC-32: 9e017efb
File type: Windows executable
First seen: 2012-12-24

Other vendor detection

Avira: TR/Dropper.Gen

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\Start Menu\Programs\Startup\audiodh.exe
  • c:\Documents and Settings\test user\Templates\audiodh.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Windows Graphisolierung für Audiohdgeräte
    c:\Documents and Settings\test user\Templates\audiodh.exe
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Graphisolierung für Audiohdgeräte
    c:\Documents and Settings\test user\Templates\audiodh.exe
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    Hidden
    0x00000002
Processes Created
  • c:\Documents and Settings\test user\templates\audiodh.exe
IP Connections
  • 91.218.36.42:80

Example 2

File Information

Size: 638K
SHA-1: a825739423a8381efa8eb7e4785ba3d0011f37cb
MD5: 9a46ab21f0eca3d6d575f62f9ce3ef73
CRC-32: 1ed1c423
File type: Windows executable
First seen: 2012-12-25

Other vendor detection

Avira: TR/Dropper.Gen

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\Start Menu\Programs\Startup\audiodh.exe
  • c:\Documents and Settings\test user\Templates\audiodh.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Graphisolierung für Audiohdgeräte
    c:\Documents and Settings\test user\Templates\audiodh.exe
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Windows Graphisolierung für Audiohdgeräte
    c:\Documents and Settings\test user\Templates\audiodh.exe
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    Hidden
    0x00000002
Processes Created
  • c:\Documents and Settings\test user\templates\audiodh.exe
IP Connections
  • 91.218.36.42:80

Example 3

File Information

Size: 766K
SHA-1: ac26949b659c7a4402cde7bc8b9d90da4dcb0202
MD5: 41e069620aac48ab2909834e90ca92b2
CRC-32: ab445d94
File type: Windows executable
First seen: 2012-12-24

Other vendor detection

Avira: TR/Dropper.Gen

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\Start Menu\Programs\Startup\audiodh.exe
  • c:\Documents and Settings\test user\Templates\audiodh.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Graphisolierung für Audiohdgeräte
    c:\Documents and Settings\test user\Templates\audiodh.exe
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Windows Graphisolierung für Audiohdgeräte
    c:\Documents and Settings\test user\Templates\audiodh.exe
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    Hidden
    0x00000002
Processes Created
  • c:\Documents and Settings\test user\templates\audiodh.exe
IP Connections
  • 91.218.36.42:80