Troj/VB-GNW

Category: Viruses and Spyware Protection available since:06 May 2013 03:51:38 (GMT)
Type: Trojan Last Updated:06 May 2013 03:51:38 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/VB-GNW include:

Example 1

File Information

Size
541K
SHA-1
1230d9477c2e1c13f7b343f8f4b66bfed741fe5f
MD5
fcf78102b733a0d8861b77c159a3f03e
CRC-32
f785c26b
File type
Windows executable
First seen
2013-05-05

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\westy.jpg
    Size
    11K
    SHA-1
    c7a9a1cc18b808d8ecbbde3ab7cae0163429f647
    MD5
    bc96abb7c8157d9e49b80c59606a2501
    CRC-32
    0ed8f5b2
    File type
    JPEG Interchange Format
    First seen
    2013-04-03
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    openv
    C:\Documents and Settings\All Users\Common Files\openv.exe
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\rundll32.exe

Example 2

File Information

Size
280K
SHA-1
524c59bda6c77c1079d8f013d4aa8de67e7eae26
MD5
c6e852a43289a3093caa1d17aedaa863
CRC-32
7e94e91d
File type
RAR compressed archive
First seen
2013-05-05

download Try Sophos products for free
Download now