Mal/EncPk-AFU

Category: Viruses and SpywareProtection available since:17 Jul 2012 15:28:23 (GMT)
Type: Malicious behaviorLast Updated:17 Jul 2012 15:28:23 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/EncPk-AFU include:

Example 1

File Information

Size
97K
SHA-1
0efac8ed1494b1f3159047e5d5820aeaf2740e1e
MD5
b08566eef3ead68ce44ea67fa45479ba
CRC-32
e62daef8
File type
Windows executable
First seen
2012-07-16

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\vgwisb.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Taskman
    c:\Documents and Settings\test user\vgwisb.exe
Processes Created
  • c:\windows\system32\svchost.exe
DNS Requests
  • murik.portal-protection.net.ru
  • slade.safehousenumber.com
  • world.rickstudio.ru

Example 2

File Information

Size
106K
SHA-1
219f38fd760cf16f5060d8b160c997b0294a3f78
MD5
51de1a7690a95350687edd334eb27773
CRC-32
1130c426
File type
Windows executable
First seen
2007-05-16

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\ciboq.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Taskman
    c:\Documents and Settings\test user\ciboq.exe
Processes Created
  • c:\windows\system32\svchost.exe
DNS Requests
  • banana.cocolands.su
  • murik.portal-protection.net.ru
  • slade.safehousenumber.com
  • world.rickstudio.ru

Example 3

File Information

Size
240K
SHA-1
31ef9591f19f9fb6459fe1b81aacefcae2b55ba9
MD5
d9c3f7299904dca361c7ce74465183bb
CRC-32
6449d44c
File type
Windows executable
First seen
2012-05-08

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\culrj.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Taskman
    c:\Documents and Settings\test user\culrj.exe
Processes Created
  • c:\windows\system32\svchost.exe
DNS Requests
  • banana.cocolands.su
  • murik.portal-protection.net.ru
  • slade.safehousenumber.com
  • world.rickstudio.ru