Troj/FakeAV-GVX

Category: Viruses and Spyware
Protection available since: 08 Oct 2013 18:28:04 (GMT)
Type: Trojan
Last updated: 10 Oct 2013 13:02:29 (GMT)
Prevalence:

Examples of Troj/FakeAV-GVX include:

Example 1

File Information

Size: 76K
SHA-1: 0016363a9db376c8c1f0256aecd553b4d2f57db1
MD5: 924294cf9751fe137d1dfe573d313900
CRC-32: 6d0f820d
File type: Windows executable
First seen: 2013-10-08

Runtime Analysis

Registry Keys Modified
  • HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell
    explorer.exe,c:\Documents and Settings\test user\Application Data\cache.dat
Processes Created
  • c:\windows\system32\svchost.exe
HTTP Requests
  • http://saiyz.su/erypican-alls-sjpk-zetb-ibag-svbn-kwvpjbszupewyvixecabctgkllhveyvjzbfsra-ahvz-njcdajvtal-eyeyzwqwmjjksmajgckn-uhlrxoocgn-vhowagestekkpw-jeafol-kg.html
DNS Requests
  • saiyz.su

Example 2

File Information

Size: 78K
SHA-1: 00446c4c552daf0ce256cf8d81a3f957f9f14ac8
MD5: 57d5447605182f494b2722f5cf8ddfa1
CRC-32: 65ee0adb
File type: Windows executable
First seen: 2013-10-09

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\cache.dat
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell
    explorer.exe,c:\Documents and Settings\test user\Application Data\cache.dat
Processes Created
  • c:\windows\system32\svchost.exe
HTTP Requests
  • http://saiyz.su/pwrplxxwonpiqt_msfb_nqwp_hhsi_kxul_sece_ahegmr-erypicanallssjpkzetbibagwprpdo-bnyh-mlmk_ilgkgupwkgpm_vlfbankwubbqqrfsmrcdexumxcjdvt_mkep_rygsvs-bi.html
DNS Requests
  • saiyz.su

Example 3

File Information

Size: 525K
SHA-1: 0088b27314db2bb4a9eda497c733a905c5ec482e
MD5: 77f8eae3003006fc605348f415cabfb6
CRC-32: ed4e665d
File type: Windows executable
First seen: 2013-10-06
