Troj/Agent-AFXD

Category: Viruses and Spyware
Protection available since: 02 Feb 2014 00:38:59 (GMT)
Type: Trojan
Last updated: 02 Feb 2014 00:38:59 (GMT)
Prevalence:


Troj/Agent-AFXD exhibits the following characteristics:

File Information

Size: 1004K
SHA-1: 1f4ffec7cf3b03ec04272b66cdaeec0b616b7825
MD5: 19486afae009624e654c7f62b1a828e9
CRC-32: 54b36f05
File type: Windows executable
First seen: 2014-01-30

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Logs\30-01-2014
    Size: 52
    SHA-1: 05aab8122cf52ccde941d2c4dfcd1acdaaca29d3
    MD5: 18488a380ba182525bb93c726f2422f8
    CRC-32: 0bc9616d
    File type: Unspecified binary - probably data
    First seen: 2014-01-30
  • c:\Documents and Settings\test user\nbgyu\GFNr
    Size: 26M
    SHA-1: 7610b42b3aa33b44d32417a32045333eef77a991
    MD5: 4064b5de8cbeea1f37ccaac885be6fcf
    CRC-32: f730897b
    File type: ASCII text / 8-bit Unicode Transformation Format
    First seen: 2014-01-30
  • c:\Documents and Settings\test user\nbgyu\inmOYDxGN.PCV
    Size: 70K
    SHA-1: 4e18e2f655c315f0a4931db9d2fb2d620bf43ee4
    MD5: b993dfb19803e17750c59ae0d9d77d2b
    CRC-32: 2d827f44
    File type: Unspecified binary - probably data
    First seen: 2014-01-30
  • c:\Documents and Settings\test user\nbgyu\51158.vbs
    Size: 189
    SHA-1: 6085e9ababa8d0848d66de3a5b2b9b0a6ec64ac1
    MD5: 03d040e6e90ecccd10f1dbefa584f505
    CRC-32: fed63098
    File type: Visual Basic Script
    First seen: 2014-01-30
  • c:\Documents and Settings\test user\nbgyu\55950.cmd
    Size: 61
    SHA-1: e822464d49569ea10d57e7ada4b1943dbd965b3a
    MD5: 5f98f6d112178ff5e73cdab2046f08b9
    CRC-32: 97907e34
    File type: ASCII text / 8-bit Unicode Transformation Format
    First seen: 2014-01-30
  • c:\Documents and Settings\test user\nbgyu\UpjFlSLtwz.exe
    Size: 733K
    SHA-1: cae4e8c730de5a01d30aabeb3e5cb2136090ed8d
    MD5: 71d8f6d5dc35517275bc38ebcc815f9f
    CRC-32: 4aca8fdb
    File type: Windows executable
    First seen: 2012-01-31
  • c:\Documents and Settings\test user\nbgyu\PzzQ.CKQ
    Size: 110
    SHA-1: 1c010269ba5707471a485ba4e2e63522babac850
    MD5: e26d18095bf9f6e66e1a9f513e5aa9a7
    CRC-32: 466680a7
    File type: Configuration Data File (generic)
    First seen: 2014-01-30
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    nbgyu
    C:\DOCUME~1\support\nbgyu\51158.vbs
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    NetWire
    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
  • HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2P0K31J7-O87A-Y144-154Q-DV7V102O0D81}
    StubPath
    "C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe"
Processes Created
  • c:\Documents and Settings\test user\nbgyu\upjflsltwz.exe
  • c:\windows\microsoft.net\framework\v4.0.30319\regsvcs.exe
DNS Requests
  • themoneyteam.zapto.org
