Troj/Tosct-B

Category: Viruses and Spyware Protection available since:27 Feb 2013 12:50:10 (GMT)
Type: Trojan Last Updated:27 Feb 2013 12:50:10 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Tosct-B include:

Example 1

File Information

Size
6.5K
SHA-1
1571105b3fcbc117dd7c9308286af30d34787a92
MD5
13f0b56c28995e4efc8da784ad862853
CRC-32
405232a0
File type
Windows executable
First seen
2011-08-10

Runtime Analysis

Registry Keys Created
  • HKLM\SYSTEM\CurrentControlSet\Services\tcpguard\Enum
    NextInstance
    0x00000001
  • HKLM\SYSTEM\CurrentControlSet\Services\tcpguard\Security
    Security
    □□□@□□□□□□□□□□□□□□@□□□□□□□□□□□ □□□□□□□□□□□ □□@□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□@□□□□□□□□@□□□□□ □□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□@□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□0□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□ □□□□□
  • HKLM\SYSTEM\CurrentControlSet\Services\tcpguard
    Description
    provide protection from attack of remote invader, associating with Windows FireWall.

Example 2

File Information

File type
Windows executable

Runtime Analysis

HTTP Requests
  • http://www.deebeedesigns.ca/_borders/top.htm
DNS Requests
  • www.deebeedesigns.ca

Example 3

File Information

Size
9.5K
SHA-1
364833dbcbd261eca3fb71e596488a6bc93e69ac
MD5
f1e5d9bf7705b4dc5be0b8a90b73a863
CRC-32
8e57f5cd
File type
Windows executable
First seen
2011-07-20

Runtime Analysis

HTTP Requests
  • http://70.62.232.98/Default.aspx
IP Connections
  • 70.62.232.98:80

download Try Sophos products for free
Download now

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information