W32/Autorun-CAC

Category: Viruses and Spyware Protection available since:06 Mar 2013 19:44:38 (GMT)
Type: Win32 worm Last Updated:06 Mar 2013 19:44:38 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Autorun-CAC exhibits the following characteristics:

File Information

Size
244K
SHA-1
34828d739dc272961ba174656bd238905ed09c39
MD5
2026129e5f3b7ae7a6c59d09e4bf3b47
CRC-32
1a29d6b4
File type
application/x-ms-dos-executable
First seen
2013-03-06

Other vendor detection

Avira
TR/Dropper.Gen

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    NoAutoUpdate
    0x00000001
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    boeuxe
    c:\Documents and Settings\test user\boeuxe.exe /b
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
DNS Requests
  • ns1.timedate1.org
  • ns1.timedate3.com
  • ns1.timedate3.org

download Try Sophos products for free
Download now