Troj/Kryptik-BY

Categoria: Virus e spyware Opzioni di protezione ora disponibili:20 nov 2013 15.56.54 (GMT)
Tipo: Trojan Ultimo aggiornamento:20 nov 2013 15.56.54 (GMT)
Prevalenza:

Download Scaricate il nostro Virus Removal Tool: è gratis! - Scoprite le minacce che sono sfuggite al vostro antivirus

Troj/Kryptik-BY exhibits the following characteristics:

File Information

Size
27K
SHA-1
48cbb43a81f9fa67f12f4cb78d2dc1bbc8d3a457
MD5
ba63caa9f728ba134072ae1a24e8da67
CRC-32
0d81c575
File type
Windows executable
First seen
2013-11-20

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Temp\Trojan.exe
Dropped Files
  • C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch
  • C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    5cd8f17f4086744065eb0992a09e05a2
    "c:\Documents and Settings\test user\Local Settings\Temp\Trojan.exe" ..
  • HKCU\Environment
    SEE_MASK_NOZONECHECKS
    1
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    5cd8f17f4086744065eb0992a09e05a2
    "c:\Documents and Settings\test user\Local Settings\Temp\Trojan.exe" ..
Processes Created
  • c:\docume~1\support\locals~1\temp\trojan.exe
  • c:\windows\system32\netsh.exe
DNS Requests
  • abdo1974.no-ip.biz

scarica Prova gratuita dei prodotti Sophos
Scarica subito