Troj/Wmonder-A

Category: Viruses and Spyware Protection available since:24 Jan 2013 21:48:20 (GMT)
Type: Trojan Last Updated:16 Dec 2013 18:12:52 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Wmonder-A include:

Example 1

File Information

Size
157K
SHA-1
123d9003cd936c316e8a1efac4f3254bc386c55c
MD5
2081a5e2e9ed73affcee0527a3b147ec
CRC-32
53bc256c
File type
Windows executable
First seen
2013-02-18

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\360\Live360.exe
  • c:\Documents and Settings\test user\Application Data\temp\temp1.exe
Registry Keys Created
  • HKLM\SOFTWARE\rar
    ActiveSettings
    □\□04□@□□p□□□0□□2□04□P6□p8□□0□□2□04□P6□p8□□0□□2□□5□P6□□9□□0□
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    UKey
    C:□□D□□c□Pm□Pn□@s□□a□□d□□S□Pt□@i□□g□0\□0u□□p□□r□@\□□p□□l□□c□□t□□o□□ □@a□@a□□3□`0□□L□□v□P3□`0□□e□□e□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□
Processes Created
  • c:\windows\system32\winlogon.exe
IP Connections
  • 192.168.1.101:8080

Example 2

File Information

Size
152K
SHA-1
12ece9e966ee851c44dc70a624603adb9d51f3b9
MD5
39743bf98ee35498772465814be9939c
CRC-32
e931302d
File type
Windows executable
First seen
2013-02-18

Example 3

File Information

Size
109K
SHA-1
137e8709bdfb9cdc8ffe4b08cbf971d25c17090a
MD5
fd0282dea708addcb5e9939cbbe23561
CRC-32
f98cf9c4
File type
Windows executable
First seen
2013-03-05

download Try Sophos products for free
Download now