Troj/Androm-AE

Category: Viruses and Spyware
Protection available since: 13 Aug 2013 16:17:42 (GMT)
Type: Trojan
Last updated: 31 Aug 2013 02:09:31 (GMT)
Prevalence:

Examples of Troj/Androm-AE include:

Example 1

File Information

Size: 119K
SHA-1: cf4f93329ded5596768b3ef07a4d285138096d4f
MD5: 24bdd23c79e277dc1290b44fda0bb4bd
CRC-32: c51757b1
File type: Windows executable
First seen: 2013-08-12

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Microsoft\Windows\usbmon.exe
Dropped Files
  • c:\Documents and Settings\test user\Application Data\Microsoft\Windows\auditpol.exe
    Size: 7.0K
    SHA-1: 9c86594afb928b9f46581edfa864c9d90a5effdb
    MD5: 75a2bf4c3beb7a1fbfd2cd3bbc68cd92
    CRC-32: 0e2b35bc
    File type: Windows executable
    First seen: 2013-08-12
  • c:\Documents and Settings\test user\Application Data\Logs\13-08-2013
    Size: 246
    SHA-1: 4fd04c3de662b0fc69cbec0f511a7e671e4bcf6d
    MD5: 74ccff0ea1cdcaafe59a8e332d6ba2f4
    CRC-32: 42705aac
    File type: Unspecified binary - probably data
    First seen: 2013-08-13
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    Standard Dynamic Printing Port Monitor
    c:\Documents and Settings\test user\Application Data\Microsoft\Windows\auditpol.exe
Processes Created
  • c:\Documents and Settings\test user\application data\microsoft\windows\auditpol.exe
  • c:\Documents and Settings\test user\application data\microsoft\windows\usbmon.exe
  • c:\windows\microsoft.net\framework\v2.0.50727\applaunch.exe
DNS Requests
  • ozonelayer.no-ip.org

Example 2

File Information

Size: 7.0K
SHA-1: 2ff7183a0402c6f63af39a0e04c130950f6d0939
MD5: ca0cfd3dacc453f76b7122c82e0ea68e
CRC-32: b44a69c1
File type: Windows executable
First seen: 2013-08-06

Example 3

File Information

Size: 9.5K
SHA-1: 6c9fd3d4fe565ee4391fa9783c00d16f13a9422b
MD5: 7569065db583b211c2bfa9c396c64df6
CRC-32: 0c9b68bb
File type: Windows executable
First seen: 2013-08-25
