Mal/VB-AMT

Category: Viruses and SpywareProtection available since:07 Jul 2014 00:34:55 (GMT)
Type: Malicious behaviorLast Updated:07 Jul 2014 00:34:55 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Mal/VB-AMT include:

Example 1

File Information

Size
246K
SHA-1
2593ece0c70a309a98bd1d3deb6dacba5ec10efe
MD5
b3e31db8b893b7d78ecc5ab4d52d9a3b
CRC-32
b4d9a947
File type
Windows executable
First seen
2014-07-06

Other vendor detection

Avira
TR/Dropper.VB.15060

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\lsass.exe
Registry Keys Created
  • HKCU\Software\WinRAR
    HWID
    {0□□C□@0□ E□□-□ 6□□C□□4□□C□p-□□C□00□□D□□2□@6□P5□`0□08□0}□
Processes Created
  • c:\Documents and Settings\test user\start menu\programs\startup\lsass.exe
DNS Requests
  • frannky.ddob.us

Example 2

File Information

Size
243K
SHA-1
312b1bc7cf0d3a8bb762e9119d1ff3eccc85979d
MD5
a6af464fd3474af549f68115b7b29dd4
CRC-32
886ad99c
File type
Windows executable
First seen
2014-07-05

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\lsass.exe
Registry Keys Created
  • HKCU\Software\WinRAR
    Client Hash
    g□□□□□□□□□□□□$□pD□□h□□□□
Processes Created
  • c:\Documents and Settings\test user\start menu\programs\startup\lsass.exe
DNS Requests
  • dave.ddob.us

Example 3

File Information

Size
219K
SHA-1
9e0dc7fe2c2164bccdad6b7e97b3a888d580c34d
MD5
b6a54a54809a856db5adf85413f92a99
CRC-32
25bc0cb5
File type
application/x-ms-dos-executable
First seen
2014-07-03

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Start Menu\Programs\Startup\lsass.exe
Registry Keys Created
  • HKCU\Software\WinRAR
    Client Hash
    6□□P□□`:□P□□□;□□□□P□□□□□
Processes Created
  • c:\Documents and Settings\test user\start menu\programs\startup\lsass.exe
DNS Requests
  • mccarthy.ddob.us