W32/Malit-E

Category: Viruses and Spyware Protection available since:14 Dec 2013 23:49:09 (GMT)
Type: Win32 worm Last Updated:14 Dec 2013 23:49:09 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of W32/Malit-E include:

Example 1

File Information

Size
1.2M
SHA-1
37aeea7231cd1a6abfc38a70b9221c989565a62a
MD5
b4a5b92ffa6c1101c51aac872623a9e4
CRC-32
262261e4
File type
Visual Basic Script
First seen
2013-12-13

Example 2

File Information

Size
1.4M
SHA-1
5bc4ec8611f882976c20e85ae2aff241c37e442c
MD5
596dfc4560ee9a2e1ce0dc5742e722aa
CRC-32
8ccccc9c
File type
Windows executable
First seen
2013-12-13

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\IZDOD\FFAEN
    Size
    445K
    SHA-1
    6086f8846e7243496dfa7bd210e2906108cea13c
    MD5
    e7ef7902db205203ce108622d9769e22
    CRC-32
    9b1c8095
    File type
    Unspecified binary - probably data
    First seen
    2013-12-13
  • c:\Documents and Settings\test user\Application Data\IZDOD\YMQGIX
    Size
    25K
    SHA-1
    d031f96d6bf11dbe8f9944e184d8cbdd6d31aa78
    MD5
    cf6c7de27593479295cb5ddb455c119d
    CRC-32
    534d3cad
    File type
    Base64 encoded
    First seen
    2013-12-13
  • c:\Documents and Settings\test user\Application Data\IZDOD\MAASY
    Size
    329K
    SHA-1
    f1025a9918b9d78f070d268482e072572fd39b43
    MD5
    373d08101f29a392cdb479aa63454868
    CRC-32
    287da191
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-12-13
  • c:\Documents and Settings\test user\Application Data\IZDOD\r1fKg.vbe
    Size
    1.2M
    SHA-1
    37aeea7231cd1a6abfc38a70b9221c989565a62a
    MD5
    b4a5b92ffa6c1101c51aac872623a9e4
    CRC-32
    262261e4
    File type
    Visual Basic Script
    First seen
    2013-12-13
  • c:\Documents and Settings\test user\Application Data\IZDOD\HFAMU
    Size
    205K
    SHA-1
    6265a48375c93f149d002b7620986423d59f058f
    MD5
    e8e8bd60bc96077e45908781e7c03885
    CRC-32
    6c9b0853
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2013-12-13
Processes Created
  • c:\windows\system32\wscript.exe

download Try Sophos products for free
Download now