Mal/Behav-034

Category: Viruses and Spyware
Protection available since: 06 Sep 2006 00:00:00 (GMT)
Type: Malicious behavior
Last Updated: 01 Jul 2015 03:23:21 (GMT)
Prevalence: No Reports


Examples of Mal/Behav-034 include:

Example 1

File Information

Size: 251K
SHA-1: 050677c3f375a070344ef7f6fa76a6ca4c421f66
MD5: 2a26b55d5541f48cc19264101d805f64
CRC-32: e1f5de7a
File type: Windows executable
First seen: 2015-06-18

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\~DF9846.tmp
    Size: 1.5K
    SHA-1: a718b9e23601049335c7fa63b5a5709addaa7f38
    MD5: 47df75d62a41d538b054f66ff9923891
    CRC-32: a50e09ae
    File type: Microsoft OLE2 file format
    First seen: 2015-06-23
  • c:\Documents and Settings\test user\Local Settings\Temp\WNE2.tmp
Processes Created
  • c:\windows\system32\rundll32.exe
HTTP Requests
  • http://ppp.minimenhu.com/geturl.php
  • http://u.tanghulu.cc/js/d/js/36so/360.js
DNS Requests
  • ppp.minimenhu.com
  • u.tanghulu.cc

Example 2

File Information

Size: 58K
SHA-1: 05329343e7422b8cfc039fc8718700fd4eaf19f8
MD5: 7f04863124287d138e19e9b4eca7b77a
CRC-32: cd3751bb
File type: application/x-ms-dos-executable
First seen: 2011-10-09

Example 3

File Information

Size: 252K
SHA-1: 05f15a020e322a9855b9f8908d68841764c2e51a
MD5: 2a0f9c2a51bd20cf690cda5ca86dc42c
CRC-32: 81116f4f
File type: Windows executable
First seen: 2015-06-14

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\~DF78F8.tmp
    Size: 1.5K
    SHA-1: 46260f00ff2e8322269155718e7930c0ff8ec0e0
    MD5: 5378c4ee9d98b007677dd316cfdc0f95
    CRC-32: 2e49eeb0
    File type: Microsoft OLE2 file format
    First seen: 2015-06-16
  • c:\Documents and Settings\test user\Local Settings\Temp\WNE2.tmp
Processes Created
  • c:\windows\system32\rundll32.exe
HTTP Requests
  • http://ppp.minimenhu.com/geturl.php
  • http://u.tanghulu.cc/js/d/js/36so/360.js
DNS Requests
  • ppp.minimenhu.com
  • u.tanghulu.cc
