Troj/Zbot-GUP

Category: Viruses and Spyware
Protection available since: 05 Nov 2013 12:52:52 (GMT)
Type: Trojan
Last updated: 05 Nov 2013 12:52:52 (GMT)
Prevalence:


Examples of Troj/Zbot-GUP include:

Example 1

File Information

Size
339K
SHA-1
753a0e5f8389c020fc4f5afeedddc65ec30bd68a
MD5
ac0ddbb40be4cf9716901d1c24b33696
CRC-32
e45283c6
File type
Windows executable
First seen
2013-11-05

Runtime Analysis

HTTP Requests
  • http://networksecurityx.hopto.org/
DNS Requests
  • networksecurityx.hopto.org

Example 2

File Information

Size
339K
SHA-1
9e1dfdc0e406326a31b469cbe9b83a55625edbde
MD5
24f74fb07f854648f6c021fa5f98f9c0
CRC-32
b2ffef08
File type
Windows executable
First seen
2013-11-05

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Opofmy\ukexo.exe
    Size
    339K
    SHA-1
    753a0e5f8389c020fc4f5afeedddc65ec30bd68a
    MD5
    ac0ddbb40be4cf9716901d1c24b33696
    CRC-32
    e45283c6
    File type
    Windows executable
    First seen
    2013-11-05
  • c:\Documents and Settings\test user\Local Settings\Application Data\injoon.xoi
    Size
    477
    SHA-1
    78a00a3f2b7c27ea2e310584a42d722e0199b324
    MD5
    0e3180767a98865182ff300bdca4932f
    CRC-32
    af6bc633
    File type
    Unspecified binary - probably data
    First seen
    2013-11-05
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Ukexo
    "c:\Documents and Settings\test user\Application Data\Opofmy\ukexo.exe"
  • HKCU\Identities
    Identity Login
    0x00098053
  • HKCU\Software\Microsoft\Jucoaxaxcevo
    979i475
    wq□□z□ z□@I□`v□@c□Pw□□p□
Processes Created
  • c:\Documents and Settings\test user\application data\opofmy\ukexo.exe
  • c:\windows\system32\cmd.exe
HTTP Requests
  • http://networksecurityx.hopto.org/
IP Connections
  • 108.240.232.212:3131
  • 202.64.88.129:5620
  • 213.123.194.165:2965
  • 64.231.104.129:6033
  • 69.92.6.139:4580
  • 70.113.122.191:7564
  • 76.234.237.128:9297
DNS Requests
  • networksecurityx.hopto.org
