W32/Gamarue-BZ

Category: Viruses and Spyware
Protection available since: 20 Nov 2013 13:07:54 (GMT)
Type: Win32 worm
Last Updated: 20 Nov 2013 13:07:54 (GMT)
Prevalence: Small Number of Reports

Examples of W32/Gamarue-BZ include:

Example 1

File Information

Size: 64K
SHA-1: 524a93db550f9edc5e3a759b8f4a852c7b529e72
MD5: aadafa1e20d0b309418a1cd2cb2acf7b
CRC-32: 7d5a17a5
File type: RAR compressed archive
First seen: 2013-11-20

Other vendor detection

Avira: HIDDENEXT/Worm.Gen

Example 2

File Information

Size: 116K
SHA-1: a52628a5a868552bbedbbb438a54f8ef2b4c8010
MD5: 920d34ab8e1c528c694b460d596dfc95
CRC-32: a170308a
File type: Windows executable
First seen: 2013-11-20

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\svchost.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    SunJavaUpdateSched
    C:\Documents and Settings\All Users\svchost.exe