Troj/Zbot-AOW

Category:	Viruses and Spyware	Protection available since:	16 Apr 2011 20:25:50 (GMT)
Type:	Trojan	Last Updated:	16 Apr 2011 20:25:50 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Zbot-AOW exhibits the following characteristics:

File Information

Size: 116K
SHA-1: 0e2f2ded1a44f52e75309df601ad9ccc4c4e2292
MD5: 73049557bb88401fcbeb287c10319703
CRC-32: 044b1068
File type: application/x-ms-dos-executable
First seen: 2011-04-15

Runtime Analysis

Dropped Files

c:\Documents and Settings\test user\Application Data\Fuuq\cayk.tmp
Size
1.7K
SHA-1
5c0aae1b6a4a87aa6bed85c7d9207febfb149b05
MD5
8cbdccbcd49ec8f26ec3539aaf4a4eec
CRC-32
65636866
File type
application/octet-stream
First seen
2011-04-16
c:\Documents and Settings\test user\Application Data\Mioc\duugo.exe
Size
116K
SHA-1
8c354d80617c55dab53fa0199aa98ba89769d16d
MD5
ea861e1f45f27d7678b9769e934b041d
CRC-32
8cf9a47b
File type
application/x-ms-dos-executable
First seen
2011-04-16

Registry Keys Created

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
{B2BB8B88-9952-D62D-3542-E31844ECABC0}
"c:\Documents and Settings\test user\Application Data\Mioc\duugo.exe"
HKCU\Software\Microsoft\Internet Explorer\Privacy
CleanCookies
0x00000000

Registry Keys Modified

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
1609
0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4
1609
0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2
1609
0x00000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1
1609
0x00000000

Processes Created

c:\documents and settings\support\application data\mioc\duugo.exe
c:\windows\system32\cmd.exe

HTTP Requests

http://escaptr.com/FqkJPEpeDY/photo.bin

DNS Requests

escaptr.com

Try Sophos products for free
Download now

Security Goals

INDUSTRIES & SECTORS

COMPANY SIZE

PRODUCT FEATURES

CASE STUDIES

Company Overview

Our People

INNOVATIVE TECHNOLOGY

ALERT SERVICES

Product Features

Product Families

Complete Security

PRODUCTS BY NAME

Free Tools

Next Steps

RESOURCES

FIND AN ANSWER

Support by Product

Maintain your Product

Hire an Expert

WHAT'S POPULAR

THREAT ANALYSIS

THREAT STATISTICS

WHAT'S POPULAR

Threat Definitions

THREAT MONITORING

SECURITY HUBS

LIBRARY

Whats Popular

WHAT'S NEW

Community

IT SECURITY TRAINING

ANATOMY OF AN ATTACK

RESELLER PARTNERS

Managed Service Providers

SYSTEM INTEGRATORS

OEM and Technology

WHAT'S POPULAR

Troj/Zbot-AOW

File Information

Runtime Analysis

Dropped Files

Registry Keys Created

Registry Keys Modified

Processes Created

HTTP Requests

DNS Requests

Free Mac Anti-Virus

Popular topics