W32/Dorkbot-KD

Kategorie: Viren und Spyware Schutz verfügbar seit:21 Jul 2014 11:01:56 (GMT)
Typ: Win32 worm Zuletzt aktualisiert:21 Jul 2014 11:01:56 (GMT)
Verbreitung:

Download Kostenloses Virus Removal Tool downloaden – Finden Sie Bedrohungen, die Ihre Virenschutzsoftware übersehen hat

W32/Dorkbot-KD exhibits the following characteristics:

File Information

Size
203K
SHA-1
99c9638dc98035de7e5dad229cb44e907e01292c
MD5
5334b7ffaafc1936e0d718a9e6381cb0
CRC-32
b0948710
File type
Windows executable
First seen
2014-07-17

Other vendor detection

Avira
TR/Crypt.Xpack.88736

Runtime Analysis

Copies Itself To
  • F:/SItSSrX.exe
  • c:\Documents and Settings\test user\Application Data\c731200
  • c:\Documents and Settings\test user\Local Settings\Temp\Adobe\Reader_sl.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\c731200
    Size
    9
    SHA-1
    3d01e07a851349cfd0628040d518ca654547487b
    MD5
    4dde793c9ed5a2df756aad9ad0167c67
    CRC-32
    47dc8aa5
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-07-21
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Adobe System Incorporated
    C:\DOCUME~1\support\LOCALS~1\Temp\Adobe\Reader_sl.exe
Processes Created
  • c:\windows\system32\calc.exe
  • c:\windows\system32\notepad.exe
  • c:\windows\system32\svchost.exe
HTTP Requests
  • http://api.wipmania.com/
DNS Requests
  • a.adoyou1understandme42.com
  • a.aiphon1egalaxyblack42.com
  • a.ajjjqws1fkxx42.com
  • a.amous1epadsafa42.com
  • api.wipmania.com

Download Sophos Produkte kostenlos testen
Jetzt downloaden