Sus/ComPack-G

Categoria: File e comportamenti sospetti Opzioni di protezione ora disponibili:14 mag 2010 00.22.19 (GMT)
Tipo: Suspicious file Ultimo aggiornamento:08 lug 2011 17.49.42 (GMT)

Download Scaricate il nostro Virus Removal Tool: è gratis! - Scoprite le minacce che sono sfuggite al vostro antivirus

Summary

Files detected as Sus/ComPack-G exhibit suspicious behaviour.

Detailed analysis

Example behaviours of Sus/ComPack-G follow:

Example 1

Runtime Analysis

Modified Files
  • %SYSTEM%
    • Set the hidden flag
Registry Keys Created
  • HKLM\SOFTWARE\winlogin.exe
    nck
    ed 1b e6 27 b9 28 d6 32 74 c3 cd 74 fa 93 5b 67
Processes Created
  • c:\program files\internet explorer\iexplore.exe
DNS Requests
  • gyan.no-ip.info

Example 2

File Information

Size
344K
SHA-1
392515cf010b0e4aa05b4b2e78460bf2ce52db63
MD5
135290f2c6325136fc52ee60e7ff0ba3
CRC-32
65de9aa0
File type
application/x-ms-dos-executable
First seen
2010-07-16

Example 3

File Information

Size
116K
SHA-1
0f711fc2dd14c45cdece1be673ddcede92e5d300
MD5
501566d8f5ed472c6c8e501cf3eb88bf
CRC-32
274857df
File type
application/x-ms-dos-executable
First seen
2010-07-16

scarica Prova gratuita dei prodotti Sophos
Scarica subito