W32/VBNA-AI

Category:	Viruses and Spyware	Protection available since:	14 Dec 2012 00:46:40 (GMT)
Type:	Win32 worm	Last Updated:	14 Dec 2012 00:46:40 (GMT)
Prevalence:

Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of W32/VBNA-AI include:

Example 1

File Information

Size: 208K
SHA-1: 3c609ed181b67beaf91207b9c50f6babde14638c
MD5: f806ec68ec5b3f446ffdd766a84999a9
CRC-32: d4bb518d
File type: Windows executable
First seen: 2012-11-15

Example 2

File Information

Size: 208K
SHA-1: 63bc52b2e3c250590057b33acd0da34aa4cbe5bf
MD5: 5f4c8fb8a7c83fe38ce801ffa401d63a
CRC-32: 7a534e1a
File type: Windows executable
First seen: 2012-11-14

Example 3

File Information

Size: 208K
SHA-1: 79c6ca19db7cb32174fee1c0b56e3ee67b622ec2
MD5: ae256b89668abcadf7068278d40ae4cf
CRC-32: 075f1273
File type: Windows executable
First seen: 2012-11-01

Runtime Analysis

Dropped Files

F:/Passwords.exe
Size
208K
SHA-1
9ea634839668906a3dee65fcdbebb1c161a54240
MD5
bd963792494e259248b20be017256d9f
CRC-32
30c6edb0
File type
Windows executable
First seen
2012-11-02
F:/piecu.exe
Size
208K
SHA-1
9ea634839668906a3dee65fcdbebb1c161a54240
MD5
bd963792494e259248b20be017256d9f
CRC-32
30c6edb0
File type
Windows executable
First seen
2012-11-02
F:/Porn.exe
Size
208K
SHA-1
9ea634839668906a3dee65fcdbebb1c161a54240
MD5
bd963792494e259248b20be017256d9f
CRC-32
30c6edb0
File type
Windows executable
First seen
2012-11-02
c:\Documents and Settings\test user\piecu.exe
Size
208K
SHA-1
73a770762c589ac382e31898db4c0a7b4e471995
MD5
3a986f26d5ae4a27aaa80b54cfcdf014
CRC-32
485d9274
File type
Windows executable
First seen
2012-11-02
F:/Sexy.exe
Size
208K
SHA-1
9ea634839668906a3dee65fcdbebb1c161a54240
MD5
bd963792494e259248b20be017256d9f
CRC-32
30c6edb0
File type
Windows executable
First seen
2012-11-02
F:/Secret.exe
Size
208K
SHA-1
9ea634839668906a3dee65fcdbebb1c161a54240
MD5
bd963792494e259248b20be017256d9f
CRC-32
30c6edb0
File type
Windows executable
First seen
2012-11-02

Registry Keys Created

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
piecu
c:\Documents and Settings\test user\piecu.exe /g
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
NoAutoUpdate
0x00000001
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
piecu
c:\Documents and Settings\test user\piecu.exe /j
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
Run
c:\Documents and Settings\test user\piecu.exe /o

Registry Keys Modified

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
ShowSuperHidden
0x00000000

Processes Created

c:\Documents and Settings\test user\piecu.exe

DNS Requests

ns1.helpupdater.net
ns1.helpupdates.com

Try Sophos products for free
Download now

Security Goals

INDUSTRIES & SECTORS

COMPANY SIZE

PRODUCT FEATURES

CASE STUDIES

Company Overview

Our People

INNOVATIVE TECHNOLOGY

ALERT SERVICES

Product Features

Product Families

Complete Security

PRODUCTS BY NAME

Free Tools

Next Steps

RESOURCES

FIND AN ANSWER

Support by Product

Maintain your Product

Hire an Expert

WHAT'S POPULAR

THREAT ANALYSIS

THREAT STATISTICS

WHAT'S POPULAR

Threat Definitions

THREAT MONITORING

SECURITY HUBS

LIBRARY

Whats Popular

WHAT'S NEW

Community

IT SECURITY TRAINING

ANATOMY OF AN ATTACK

RESELLER PARTNERS

Managed Service Providers

SYSTEM INTEGRATORS

OEM and Technology

WHAT'S POPULAR

W32/VBNA-AI

Example 1

File Information

Example 2

File Information

Example 3

File Information

Runtime Analysis

Dropped Files

Registry Keys Created

Registry Keys Modified

Processes Created

DNS Requests

Free Mac Anti-Virus

Popular topics