W32/VB-GVO

Categoria: Virus e spyware Opzioni di protezione ora disponibili:19 ott 2013 18.13.54 (GMT)
Tipo: Win32 worm Ultimo aggiornamento:19 ott 2013 18.13.54 (GMT)
Prevalenza:

Download Scaricate il nostro Virus Removal Tool: è gratis! - Scoprite le minacce che sono sfuggite al vostro antivirus

W32/VB-GVO exhibits the following characteristics:

File Information

Size
435K
SHA-1
775488077175fa05963d335b7d7443a5fd37629a
MD5
5ecaf961ef084a6f44c7adb35d9b97a1
CRC-32
9b6d22cd
File type
Windows executable
First seen
2013-10-19

Other vendor detection

Avira
TR/Dropper.Gen

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\system32\uxuu.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\~DF8681.tmp
    Size
    64K
    SHA-1
    045c6a97f5e070a9a1e90acec34a418a3d111a75
    MD5
    375b5fb8912145b2f312adb4d2ca579c
    CRC-32
    7faafb6e
    File type
    Microsoft OLE2 file format
    First seen
    2013-10-18
  • c:\Documents and Settings\test user\Local Settings\Temp\~DF383D.tmp
    Size
    64K
    SHA-1
    045c6a97f5e070a9a1e90acec34a418a3d111a75
    MD5
    375b5fb8912145b2f312adb4d2ca579c
    CRC-32
    7faafb6e
    File type
    Microsoft OLE2 file format
    First seen
    2013-10-18
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Service Agent
    uxuu.exE
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
    Windows Service Agent
    uxuu.exE
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Windows Service Agent
    uxuu.exE
Processes Created
  • c:\windows\system32\uxuu.exe
DNS Requests
  • sr1u.barmy-army.org

scarica Prova gratuita dei prodotti Sophos
Scarica subito