Troj/Agent-AGGM

Category: Viruses and Spyware
Type: Trojan
Protection available since: 05 March 2014 06:38:52 (GMT)
Last updated: 05 March 2014 06:38:52 (GMT)
Prevalence:


Examples of Troj/Agent-AGGM include:

Example 1

File Information

Size: 220K
SHA-1: 3de56f1bc1fc9d359a6e0967d3fa340655dca95b
MD5: 593f8d5bf16b7f0cb0a551449c8a3624
CRC-32: e58e700f
File type: Windows executable
First seen: 2014-01-02

Example 2

File Information

Size: 4.8M
SHA-1: 3ff72058e4ad49dd928a6bb1458a67a41ae5874b
MD5: fdb20b11b6c71062cc3ce8b7f9d3246b
CRC-32: 9f97f1c7
File type: Windows executable
First seen: 2014-01-01

Runtime Analysis

Dropped Files
  • C:\Documents and Settings\All Users\Application Data\Browser Enhancer\BrowserEnhancer.dll
    Size: 4.2M
    SHA-1: 270071642db8403da939b014c156cfd9278a6d74
    MD5: a7b69ba1ac5b598294ef1d944986e0e3
    CRC-32: ec302b7d
    File type: Windows executable
    First seen: 2014-01-01
  • C:\Documents and Settings\All Users\Application Data\Browser Enhancer\BrowserEnhancerSvc.dll
    Size: 174K
    SHA-1: 78f3665a522a19baa38c02df21011156780e5ee8
    MD5: 2e93b8e6b535deb1a8a44cd00fb89ad5
    CRC-32: bc1500bd
    File type: Windows executable
    First seen: 2014-01-01
  • c:\Documents and Settings\test user\Local Settings\Temp\tf00294823.dll
    Size: 4.2M
    SHA-1: 270071642db8403da939b014c156cfd9278a6d74
    MD5: a7b69ba1ac5b598294ef1d944986e0e3
    CRC-32: ec302b7d
    File type: Windows executable
    First seen: 2014-01-01
Registry Keys Created
  • HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}\_3dec13b7\eae10f9d
    f2c53c49
    UlAr/XJ/c//k////
  • HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}\_3dec13b7
    iiid
    0x00000001
  • HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}\_3dec13b7\00000000
    3efeb33e
    □□□
  • HKLM\SYSTEM\CurrentControlSet\Services\3dec13b7\Security
    Security
  • HKLM\SYSTEM\CurrentControlSet\Services\3dec13b7\Enum
    NextInstance
    0x00000001
  • HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
    3dec13b7
    C:\Documents and Settings\All Users\Application Data\Browser Enhancer\BrowserEnhancer.dll
  • HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}\_3dec13b7\00000000
    3efeb33e
    □□□
  • HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}\_3dec13b7\eae10f9d
    f2c53c49
    UlAr/XJ/c//k////
  • HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}\_3dec13b7
    svpath
    c:\docume~1\alluse~1\applic~1\browse~1\BrowserEnhancerSvc.dll
  • HKLM\SYSTEM\CurrentControlSet\Services\3dec13b7
    ObjectName
    LocalSystem
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    LoadAppInit_DLLs
    0x00000001
Processes Created
  • c:\windows\system32\rundll32.exe

Example 3

File Information

Size: 256K
SHA-1: 59e60d783af890531a0f53d9900c632d1e1b280a
MD5: 9f1d2005481d437283e7b01092b9fa51
CRC-32: d9215312
File type: Windows executable
First seen: 2011-06-27
