W32/Autorun-BZR

Category: Viruses and Spyware Protection available since:10 Jan 2013 11:55:55 (GMT)
Type: Win32 worm Last Updated:10 Jan 2013 11:55:55 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Autorun-BZR exhibits the following characteristics:

File Information

Size
83K
SHA-1
5cdadf3a18e3ef848caaf78420ca268ba979e54f
MD5
8ca2879b443f035c543e70ae9839c103
CRC-32
3cf4fceb
File type
Windows executable
First seen
2013-01-10

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\mqgka.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Taskman
    c:\Documents and Settings\test user\mqgka.exe
Processes Created
  • c:\windows\system32\svchost.exe
DNS Requests
  • loca.betrule.com
  • mutta.agesask.net
  • uokwa.agesonest.com

download Try Sophos products for free
Download now