Mal/Behav-044

Category: Viruses and Spyware
Protection available since: 12 Feb 2020 06:28:33 (GMT)
Type: Malicious behavior
Last Updated: 12 Feb 2020 06:28:33 (GMT)
Prevalence: Small Number of Reports


Examples of Mal/Behav-044 include:

Example 1

File Information

Size: 49K
SHA-1: 008c9e4dbc798b75e84d5e262004000593095bef
MD5: 00cc5d8fceb1ae63fc17af37e2647504
CRC-32: f7e5eefd
File type: Windows executable
First seen: 2017-03-16

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    PromptOnSecureDesktop
    0x00000000
  • HKLM\SOFTWARE\Microsoft\Security Center
    UACDisableNotify
    0x00000000
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    hgiymmaryk.exe
    C:\WINDOWS\WindowsUpdata\hgiymmaryk.exe

Example 2

File Information

Size: 49K
SHA-1: 033d1c51d06f0ca7e30f63835219518c86719634
MD5: c4575d726e7e0160d75f5f9179c09c6e
CRC-32: 809e3eb3
File type: Windows executable
First seen: 2017-06-15

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    mudmcjvs.exe
    C:\WINDOWS\WindowsUpdata\mudmcjvs.exe
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    PromptOnSecureDesktop
    0x00000000
  • HKLM\SOFTWARE\Microsoft\Security Center
    UACDisableNotify
    0x00000000
Processes Created
  • c:\windows\windowsupdata\mudmcjvs.exe
IP Connections
  • 121.50.168.188:2553

Example 3

File Information

Size: 49K
SHA-1: 08a8419268885b66fe120acc437f682af6f7508d
MD5: 082389da0ffad94ac9dbbb32f1916851
CRC-32: 66b62776
File type: Windows executable
First seen: 2017-06-12

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    truhapfyzp.exe
    C:\WINDOWS\WindowsUpdata\truhapfyzp.exe
  • HKLM\SOFTWARE\Microsoft\Security Center
    UACDisableNotify
    0x00000000
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    PromptOnSecureDesktop
    0x00000000