W32/SillyFDC-KJ

Category: Viruses and Spyware
Protection available since: 17 May 2013 22:52:36 (GMT)
Type: Win32 worm
Last Updated: 17 May 2013 22:52:36 (GMT)
Prevalence: Small Number of Reports

Examples of W32/SillyFDC-KJ include:

Example 1

File Information

Size: 228K
SHA-1: 20b9925b71056c0a7599ef8c622d9e3b1a085547
MD5: 31f243acbe48fca4d6bcbb72ff4b5906
CRC-32: bf7eef6f
File type: Windows executable
First seen: 2013-05-17

Runtime Analysis

Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    zuiafe
    c:\Documents and Settings\test user\zuiafe.exe /x
  • HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    NoAutoUpdate
    0x00000001
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
DNS Requests
  • ns1.anytime1.com
  • ns1.anytime1.net
  • ns1.anytime1.org
  • ns1.anytime2.com

Example 2

File Information

Size: 228K
SHA-1: 11e3267f7261a0c13c720999c1cde4ba6e6a2f0f
MD5: 1905933841cd1de1a454423a8745c085
CRC-32: fc35368f
File type: Windows executable
First seen: 2011-07-04

Example 3

File Information

Size: 228K
SHA-1: 15cf98a5c734951ebdf3781ea3c5ec2e07c1d6ba
MD5: bacadd05e8fc4073a8eabcdd4467417c
CRC-32: 65feb390
File type: Windows executable
First seen: 2013-05-17

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    NoAutoUpdate
    0x00000001
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    laobag
    c:\Documents and Settings\test user\laobag.exe /v
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
DNS Requests
  • ns1.anytime1.com
  • ns1.anytime1.net
  • ns1.anytime1.org
  • ns1.anytime2.com
