Mal/Agent-PT

Category: Viruses and SpywareProtection available since:12 Jan 2011 07:06:23 (GMT)
Type: Malicious behaviorLast Updated:12 Jan 2011 07:06:23 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/Agent-PT include:

Example 1

File Information

Size
87K
SHA-1
063fddbaa1bdc2e5738188ded99c6752d378f1f7
MD5
a43e14ec0daa8fcba2041cfead4c3da3
CRC-32
9f9c7b6c
File type
application/x-ms-dos-executable
First seen
2010-12-16

Example 2

File Information

Size
87K
SHA-1
142cce13a3c2268829269c3a6ead123fdf8edfdf
MD5
5db477ebb857b3491dc231c0566b8789
CRC-32
ea32ff4b
File type
application/x-ms-dos-executable
First seen
2010-12-22

Other vendor detection

Avira
TR/Crypt.XPACK.Gen
Kaspersky
Net-Worm.Win32.Kolabc.gmn

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\system32\logon.exe
Processes Created
  • c:\windows\system32\cmd.exe

Example 3

File Information

Size
87K
SHA-1
35adec1097cb2ebd1d79c8156cf8a0b8875fff1d
MD5
8c58abff5e66603fd4a26115b0bcd6b8
CRC-32
fa1aec87
File type
application/x-ms-dos-executable
First seen
2011-01-12

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\system32\algs.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Application Layer Gateway Service
    C:\WINDOWS\system32\algs.exe
Processes Created
  • c:\windows\system32\algs.exe
  • c:\windows\system32\cmd.exe
DNS Requests
  • tx.nadersamar2.org