Troj/VB-EWV

Category:	Viruses and Spyware	Protection available since:	10 Sep 2010 05:23:12 (GMT)
Type:	Trojan	Last Updated:	10 Sep 2010 05:23:12 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/VB-EWV include:

Example 1

File Information

Size: 188K
SHA-1: 5d6fdc24903ab304617845b780b6ab488a05eff4
MD5: 1744808d8149c5d887626512607b6ef6
CRC-32: 980f8a39
File type: application/x-ms-dos-executable
First seen: 2010-09-10

Example 2

File Information

Size: 164K
SHA-1: 6daf13427bc5729661d314666d9bd5334b12241b
MD5: 3ab78ee802042a0d027fe62763416beb
CRC-32: 3e7ab54e
File type: application/x-ms-dos-executable
First seen: 2010-08-16

Example 3

Other vendor detection

Avira: TR/Meredrop.A.11995

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Local Settings\Temp\5857.tmp.dll
C:\WINDOWS\system32\csbdll.dll

Registry Keys Created

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\csbdll
Logoff
WinlogonLogoffEvent
HKLM\SOFTWARE\Microsoft\Internet Explorer
group
0x00000064

HTTP Requests

http://-\x80L\x01\x03

DNS Requests

u.fc75f67c2fd6fe07.com

Try Sophos products for free
Download now