HPsus/Autorun-D

Category: Suspicious files and behavior
Type: Suspicious file
Protection available since: 28 Sep 2011 22:33:31 (GMT)
Last updated: 28 Sep 2011 22:33:31 (GMT)


Examples of HPsus/Autorun-D include:

Example 1

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\feezau.exe
    Size
    144K
    SHA-1
    8f8151f6ee1e8b1a5ad873cccdd50cfd2090e41e
    MD5
    4871517ec1ae315d37daed44e1a9cc9c
    CRC-32
    dd2fb0f5
    File type
    application/x-ms-dos-executable
    First seen
    2011-09-28
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    feezau
    c:\Documents and Settings\test user\feezau.exe /u
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
DNS Requests
  • ns1.player1532.com

Example 2

File Information

Size
128K
SHA-1
180f9b281021c300018e33bd80c0ff18363ad0ff
MD5
073bd314df28af615ba9a31bd9b5c4dc
CRC-32
a51bc8d6
File type
application/x-ms-dos-executable
First seen
2011-07-20

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\joeliu.exe
    Size
    128K
    SHA-1
    d7e04655b8096068818f5d48235725976dbf8519
    MD5
    2d310f2b7e2f7bfa3f90de8227bebf3b
    CRC-32
    13b8d145
    File type
    application/x-ms-dos-executable
    First seen
    2011-09-28
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    joeliu
    c:\Documents and Settings\test user\joeliu.exe /f
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
DNS Requests
  • ns1.player1532.com

Example 3

File Information

Size
148K
SHA-1
19d99c750e59389546c1bca4f53a64836da1e579
MD5
182e1f00d8d91e6d4d0a573b5c032917
CRC-32
7d1c24d7
File type
application/x-ms-dos-executable
First seen
2011-08-29

Runtime Analysis

Dropped Files
  • F:/Pictures.lnk
    Size
    371
    SHA-1
    f55fda5c506cb67b39497ba43377acb844db5339
    MD5
    874a6f5de75e477d2c1fa4ad5d83aab9
    CRC-32
    eacb4398
    File type
    application/octet-stream
    First seen
    2011-09-28
  • F:/seL.ico
    Size
    2.2K
    SHA-1
    449fd23520cacf57c39c3d26ab94ff23fcbad38b
    MD5
    8ddc8a55a24272ad6663389731bb265f
    CRC-32
    666d0500
    File type
    Icon for 32-bit Windows
    First seen
    2011-01-21
  • F:/Music.lnk
    Size
    365
    SHA-1
    fad2274242537afa9e919bf9e08dd1514166f54f
    MD5
    46ac0ba1229914412332b8c5a8d37ae9
    CRC-32
    634127fe
    File type
    application/octet-stream
    First seen
    2011-09-28
  • F:/faneg.exe
    Size
    148K
    SHA-1
    34a17b4f2accc383fedd5b9f631442e8a4ee49eb
    MD5
    b5849e9e67bab806b0e41214d045d21b
    CRC-32
    f0bf4ba7
    File type
    application/x-ms-dos-executable
    First seen
    2011-09-28
  • F:/fanegx.exe
    Size
    148K
    SHA-1
    6990b14f3514e2f1ceb21b7871886cba8b6132d5
    MD5
    a36b7260d336c5979f96e2104410440a
    CRC-32
    66676eee
    File type
    application/x-ms-dos-executable
    First seen
    2011-09-28
  • F:/New Folder.lnk
    Size
    375
    SHA-1
    3b90577ed3be8b418a721dd88c487d8876add4f8
    MD5
    ee8d46f266f88c7003854c1af2186a40
    CRC-32
    905f8815
    File type
    application/octet-stream
    First seen
    2011-09-28
  • F:/Passwords.lnk
    Size
    373
    SHA-1
    7235617591d63ff5c05ef72a14636662790dc88e
    MD5
    42be7add737faee9979d3db89fbd6402
    CRC-32
    4f3ce6b3
    File type
    application/octet-stream
    First seen
    2011-09-28
  • F:/Video.lnk
    Size
    365
    SHA-1
    5c15e12d058232079f9d103d5e92de81e8b45f33
    MD5
    1b171f97e42648036ac74aadd1b7c00d
    CRC-32
    450c1aa1
    File type
    application/octet-stream
    First seen
    2011-09-28
  • F:/Documents.lnk
    Size
    373
    SHA-1
    6a065c6251cf98a00ad60b238b5e417e9545a95f
    MD5
    f19ee03450848854f1a09f3df1db3f0c
    CRC-32
    938318d9
    File type
    application/octet-stream
    First seen
    2011-09-28
  • c:\Documents and Settings\test user\faneg.exe
    Size
    148K
    SHA-1
    6990b14f3514e2f1ceb21b7871886cba8b6132d5
    MD5
    a36b7260d336c5979f96e2104410440a
    CRC-32
    66676eee
    File type
    application/x-ms-dos-executable
    First seen
    2011-09-28
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    faneg
    c:\Documents and Settings\test user\faneg.exe /O
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    ShowSuperHidden
    0x00000000
Processes Created
  • c:\Documents and Settings\test user\faneg.exe
DNS Requests
  • ns1.player1532.com
