Troj/Zbot-GDF

Category: Viruses and Spyware Protection available since:10 Sep 2013 03:32:10 (GMT)
Type: Trojan Last Updated:10 Sep 2013 03:32:10 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Zbot-GDF include:

Example 1

File Information

Size
88K
SHA-1
226b35eb187073b980dec0f4cd2bb3dc640e8aee
MD5
241d28d71d73efe359708a3524754144
CRC-32
35b02ced
File type
Windows executable
First seen
2013-09-09

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\Application Data\fdqm1if.plz
Dropped Files
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\fi1mqdf.lnk
    Size
    798
    SHA-1
    4031492f97144bd4e323f9f63f0937c0fcc09fed
    MD5
    37e92f8d7a0dbf30f5696c2f697d777f
    CRC-32
    cd9a6ad1
    File type
    Windows Shortcut file (.LNK)
    First seen
    2013-09-09
  • C:\Documents and Settings\All Users\Application Data\fi1mqdf.pff
    Size
    91M
    SHA-1
    1462bc0891e423f8e9fa737cedb0f09b2ddbec60
    MD5
    198a6e640c48ff3ec976541dbe4c20c3
    CRC-32
    536ee72f
    File type
    Unspecified binary - probably data
    First seen
    2013-09-09
IP Connections
  • 37.139.53.169:443
  • 64.191.122.10:80

Example 2

File Information

Size
199K
SHA-1
e8f34f1475bfef0988b950b7103438d27d46d965
MD5
0620131eb39c3cf7e09ba568b29fa765
CRC-32
009f86c4
File type
Windows executable
First seen
2007-08-19

download Try Sophos products for free
Download now