W32/AutoIt-RD

Category: Viruses and Spyware Protection available since:07 Dec 2012 06:09:25 (GMT)
Type: Win32 worm Last Updated:07 Dec 2012 11:19:34 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/AutoIt-RD exhibits the following characteristics:

File Information

Size
288K
SHA-1
af9204d81a3af76a0ec34028ae8b1efbe73c1e6e
MD5
ddc30d775ae0f4da334dd5aeeb726cfb
CRC-32
9a57765a
File type
Windows executable
First seen
2012-12-07

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\Application Data\test_item.exe
  • C:\Documents and Settings\All Users\Documents\test_item.exe
  • C:\Documents and Settings\All Users\Start Menu\Programs\Startup\test_item.exe
  • C:\Program Files\Common Files\test_item.exe
  • C:\bin\test_item.exe
  • F:/sample.exe
  • c:\Documents and Settings\test user\Desktop\test_item.exe
  • c:\Documents and Settings\test user\Favorites\test_item.exe
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\test_item.exe
  • c:\Documents and Settings\test user\test_item.exe
Dropped Files
  • c:\Documents and Settings\test user\frees.log
    Size
    115
    SHA-1
    9be7cc018e4e3c7408bfdca0c087726e8619ae04
    MD5
    0e549022173fb66c91b2c0bfed17c63a
    CRC-32
    a818f7d8
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2012-12-07
  • C:\bin\KEYS.dll
    Size
    6
    SHA-1
    742ce30a73b59259a9b55e5eaf0e97e813167d60
    MD5
    0f6f6b5416a836065f933e4857c31c9a
    CRC-32
    3499f834
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2011-07-15

download Try Sophos products for free
Download now

© 1997 - 2013 Sophos Ltd. All rights reserved. Legal Privacy Cookie Information