W32/VBNA-AK

Category: Viruses and Spyware Protection available since:14 Dec 2012 00:46:40 (GMT)
Type: Win32 worm Last Updated:14 Dec 2012 00:46:40 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of W32/VBNA-AK include:

Example 1

File Information

Size
360K
SHA-1
0108c3b5de93617c60241179bd63e404089394f4
MD5
8456a1b2e233180ffaa7beb6a4d738f3
CRC-32
ce6ffbd1
File type
Windows executable
First seen
2007-06-28

Other vendor detection

Avira
TR/Patched.Gen
Kaspersky
HEUR:Trojan.Win32.Generic

Runtime Analysis

Dropped Files
  • F:/Sexy.exe
    Size
    360K
    SHA-1
    51b7f62066807927e014e8e9a5029e3c2faa293d
    MD5
    66a6cc41fe96ad91d7f378dae57f2149
    CRC-32
    b21d6751
    File type
    Windows executable
    First seen
    2012-10-25
  • F:/Secret.exe
    Size
    360K
    SHA-1
    3656a622a3f9b6f32c062bd45fdc4817492a31f0
    MD5
    4ae7ae1d7a74f6b7c1f425d6698e84ac
    CRC-32
    7a6d73a2
    File type
    Windows executable
    First seen
    2012-10-25
  • F:/Passwords.exe
    Size
    360K
    SHA-1
    52c41211549da64e3bcd255513256be1088d1178
    MD5
    ea559aab2f4babf71967005d6f6e249a
    CRC-32
    3689b4aa
    File type
    Windows executable
    First seen
    2012-10-25
  • c:\Documents and Settings\test user\giinou.exe
    Size
    360K
    SHA-1
    d474cc49d899fcb9f5cb0f3cbc8d4cc9f18c5486
    MD5
    62e3fd56422acb4d520f00c62e65b492
    CRC-32
    bd3c25d6
    File type
    Windows executable
    First seen
    2012-10-25
  • F:/Porn.exe
    Size
    360K
    SHA-1
    48c46213573b4c5534ec08bbfcfcba222383d254
    MD5
    9b514118ba07124facbab4d08ff06df2
    CRC-32
    0713caba
    File type
    Windows executable
    First seen
    2012-10-25
  • F:/giinou.exe
    Size
    360K
    SHA-1
    3656a622a3f9b6f32c062bd45fdc4817492a31f0
    MD5
    4ae7ae1d7a74f6b7c1f425d6698e84ac
    CRC-32
    7a6d73a2
    File type
    Windows executable
    First seen
    2012-10-25
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    giinou
    c:\Documents and Settings\test user\giinou.exe /l
  • HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    NoAutoUpdate
    0x00000001
  • HKCU\Software\Microsoft\DirectInput\MostRecentApplication
    MostRecentStart
    □%□□<□p□□□□□
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
Processes Created
  • c:\Documents and Settings\test user\giinou.exe
DNS Requests
  • ns1.helpupdates.biz
  • ns1.helpupdates.com
  • ns1.helpupdates.info

Example 2

File Information

Size
360K
SHA-1
17c6b50f21294beb8f78678dfebb51811b6324f0
MD5
c3b8ed97cf21baceb09f624d699be949
CRC-32
55cdc8cc
File type
Windows executable
First seen
2007-06-30

Other vendor detection

Avira
TR/Patched.Gen
Kaspersky
HEUR:Trojan.Win32.Generic

Runtime Analysis

Dropped Files
  • F:/fuuozun.exe
    Size
    360K
    SHA-1
    81cf2687b07f99ff0b8acd2c38229cc0b9618d0d
    MD5
    d9938eff4b16f8fece3f3d3d17c80be7
    CRC-32
    ba9d57e6
    File type
    Windows executable
    First seen
    2012-10-29
  • F:/Secret.exe
    Size
    360K
    SHA-1
    81cf2687b07f99ff0b8acd2c38229cc0b9618d0d
    MD5
    d9938eff4b16f8fece3f3d3d17c80be7
    CRC-32
    ba9d57e6
    File type
    Windows executable
    First seen
    2012-10-29
  • c:\Documents and Settings\test user\fuuozun.exe
    Size
    360K
    SHA-1
    aedcb275f0322187c01e08b2ff8687d903f83be1
    MD5
    61baa75c4b72f408ee7f9d2d7fa253bf
    CRC-32
    f635e0fd
    File type
    Windows executable
    First seen
    2012-10-29
  • F:/Sexy.exe
    Size
    360K
    SHA-1
    b85151b21342b8ee38b7ac8ff819a1bc4c4ce426
    MD5
    af9654edfaa3cb813c08a1cb05ded498
    CRC-32
    72ed4315
    File type
    Windows executable
    First seen
    2012-10-29
  • F:/Passwords.exe
    Size
    360K
    SHA-1
    47876a57e0967291a02c9c390ce6ae0d67d8fa83
    MD5
    8aaada74005125925515f0b11dd2faa7
    CRC-32
    f67990ee
    File type
    Windows executable
    First seen
    2012-10-29
  • F:/Porn.exe
    Size
    360K
    SHA-1
    50852b7693b8153585400bef2f9916c950fb2b52
    MD5
    d66dd5ec6575583b00c3c6b288923073
    CRC-32
    c7e3eefe
    File type
    Windows executable
    First seen
    2012-10-29
Registry Keys Created
  • HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    NoAutoUpdate
    0x00000001
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    fuuozun
    c:\Documents and Settings\test user\fuuozun.exe /y
  • HKCU\Software\Microsoft\DirectInput\MostRecentApplication
    MostRecentStart
    t$□P□□`□□□□□
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
Processes Created
  • c:\Documents and Settings\test user\fuuozun.exe
DNS Requests
  • ns1.helpupdates.com

download Try Sophos products for free
Download now