W32/SillyFDC-FX

Category: Viruses and Spyware
Protection available since: 30 May 2011 23:23:30 (GMT)
Type: Win32 worm
Last Updated: 30 May 2011 23:23:30 (GMT)
Prevalence: Small Number of Reports

Examples of W32/SillyFDC-FX include:

Example 1

File Information

Size: 252K
SHA-1: fa43a4460e2954d025549442db629aa65010e4cf
MD5: b7b8779e0b61f446b941332420a81570
CRC-32: dfd70d22
File type: application/x-ms-dos-executable
First seen: 2011-05-30

Runtime Analysis

Dropped Files
  • F:/Video.lnk
  • F:/Passwords.lnk
  • F:/Music.lnk
  • F:/reouv.exe
  • F:/Documents.lnk
  • F:/STpz.ico
    Size: 2.2K
    SHA-1: 449fd23520cacf57c39c3d26ab94ff23fcbad38b
    MD5: 8ddc8a55a24272ad6663389731bb265f
    CRC-32: 666d0500
    File type: application/octet-stream
    First seen: 2011-01-21
  • F:/Pictures.lnk
  • F:/New Folder.lnk
  • F:/reouvx.exe
  • c:\Documents and Settings\test user\reouv.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    reouv
    c:\Documents and Settings\test user\reouv.exe /c
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
Processes Created
  • c:\documents and settings\support\reouv.exe
DNS Requests
  • ns1.player1532.com

Example 2

File Information

Size: 252K
SHA-1: fb80651c31c656a8bea3944ab7f7af823289438d
MD5: 159fd32a582020f4d262d1bd66d5a032
CRC-32: 13bee399
File type: application/x-ms-dos-executable
First seen: 2011-05-29

Runtime Analysis

Dropped Files
  • F:/New Folder.lnk
  • F:/Video.lnk
  • F:/hhtiotx.exe
  • F:/Music.lnk
  • F:/Documents.lnk
  • F:/Passwords.lnk
  • F:/hhtiot.exe
  • F:/Pictures.lnk
  • c:\Documents and Settings\test user\hhtiot.exe
  • F:/ssb.ico
    Size: 2.2K
    SHA-1: 449fd23520cacf57c39c3d26ab94ff23fcbad38b
    MD5: 8ddc8a55a24272ad6663389731bb265f
    CRC-32: 666d0500
    File type: application/octet-stream
    First seen: 2011-01-21
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    hhtiot
    c:\Documents and Settings\test user\hhtiot.exe /C
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
Processes Created
  • c:\documents and settings\support\hhtiot.exe
DNS Requests
  • ns1.player1532.com

Example 3

File Information

Size: 252K
SHA-1: fbc34a14b4075b54160dfe7ae937448cb2d239b6
MD5: e543214f64aa3e53473efbb59156793b
CRC-32: 6797b4e1
File type: application/x-ms-dos-executable
First seen: 2011-05-30

Runtime Analysis

Dropped Files
  • F:/bousu.exe
  • F:/bousux.exe
  • F:/xqB.ico
    Size: 2.2K
    SHA-1: 449fd23520cacf57c39c3d26ab94ff23fcbad38b
    MD5: 8ddc8a55a24272ad6663389731bb265f
    CRC-32: 666d0500
    File type: application/octet-stream
    First seen: 2011-01-21
  • F:/Pictures.lnk
  • F:/Music.lnk
  • F:/Passwords.lnk
  • F:/Documents.lnk
  • F:/New Folder.lnk
  • F:/Video.lnk
  • c:\Documents and Settings\test user\bousu.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    bousu
    c:\Documents and Settings\test user\bousu.exe /t
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
Processes Created
  • c:\documents and settings\support\bousu.exe
DNS Requests
  • ns1.player1532.com