HPsus/Zbot-B

Catégorie: Comportements et fichiers suspects
Type: Suspicious behavior

Download Téléchargez notre outil gratuit de suppression des virus - Découvrez ce que votre antivirus actuel n'a pas su détecter

Examples of HPsus/Zbot-B include:

Example 1

File Information

Size
111K
SHA-1
b530a968f58a8e7542ab13299dd2bbdfe96459d2
MD5
929497489f0598e4e013131eadf522b9
CRC-32
72bf343a
File type
application/x-ms-dos-executable
First seen
2010-10-02

Other vendor detection

Avira
TR/Spy.ZBot.apzm

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Umispy\cilit.exe
    Size
    111K
    SHA-1
    812c06d61cc49c6c425c8520bc245d83e4b78db1
    MD5
    9bd6fc64fbecbaf427a0466fa117036b
    CRC-32
    b2f17df0
    File type
    application/x-ms-dos-executable
    First seen
    2010-11-30
Processes Created
  • c:\windows\system32\cmd.exe

Example 2

File Information

Size
122K
SHA-1
c33213e29b063cd3122b747730c49a4b32db4cfc
MD5
927aff4a8f619a1d73450404d30c3854
CRC-32
2b201322
File type
application/x-ms-dos-executable
First seen
2010-10-18

Other vendor detection

Trend
PAK_Generic.001

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Vieloq\xyosu.exe
    Size
    122K
    SHA-1
    54b1ba065a8709615b80570963b42c672bd224aa
    MD5
    f713adbb1519f8df699f735f40935e56
    CRC-32
    85c55563
    File type
    application/x-ms-dos-executable
    First seen
    2010-11-30
Processes Created
  • c:\windows\system32\cmd.exe

Example 3

File Information

Size
143K
SHA-1
c6b59a55088ecb3dadbf38c20530cc19255339d5
MD5
1fbaec4a3edae5fc97e96de6e34bba7c
CRC-32
deb409f1
File type
application/x-ms-dos-executable
First seen
2010-10-15

Other vendor detection

Avira
TR/Spy.SpyEyes.cqi
Trend
PAK_Generic.001

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\Yzbiny\ymewu.exe
    Size
    143K
    SHA-1
    4f63a722e7ad2804a3bcfc2238422401b87b4153
    MD5
    8a53b21b695e8c4c89e4e901fced164f
    CRC-32
    82d13209
    File type
    application/x-ms-dos-executable
    First seen
    2010-11-30
Processes Created
  • c:\windows\system32\cmd.exe

download Essayez les produits Sophos gratuitement
Téléchargez maintenant