Examples of Troj/Agent-AHXK include:
Example 1
File Information
- Size
- 25K
- SHA-1
- 572167e9e7eeba25e94b0a212d90223361f75518
- MD5
- 79772d72082a082a0048569ba2dfe5a3
- CRC-32
- e40fb754
- File type
- Windows executable
- First seen
- 2014-07-15
Runtime Analysis
Processes Created
- c:\docume~1\support\locals~1\temp\ktopv.exe
HTTP Requests
- http://94.23.247.202/1507cw/PC/0/51Service%20Pack%203/0/
- http://94.23.247.202/1507cw/PC/1/0/0/
- http://94.23.247.202/1507cw/PC/41/3/4/
- http://94.23.247.202/1507h/PC/1/0/0/
- http://94.23.247.202/1507p/PC/1/0/0/
- http://champdeslicornes.be/images/stories/heap_61_id3.zip
- http://shankli.com/css/cw404.zip
IP Connections
DNS Requests
- champdeslicornes.be
- shankli.com
- vivatsaultppc.com
Example 2
File Information
- Size
- 26K
- SHA-1
- ec083899b1ccad15524f7324790e3bca32f24852
- MD5
- 0fd987d59853cf5b7f73f18f7200bef9
- CRC-32
- ef37b35a
- File type
- Windows executable
- First seen
- 2014-07-15
Runtime Analysis
Dropped Files
- c:\Documents and Settings\test user\Local Settings\Temp\ktopv.exe
- Size
- 26K
- SHA-1
- cdf93a88fd3754cead55621d8d274287d7b19737
- MD5
- ab63f3c1b6a385587f013224f13972f7
- CRC-32
- 372f18ef
- File type
- Windows executable
- First seen
- 2014-07-15
Processes Created
- c:\docume~1\support\locals~1\temp\ktopv.exe
Example 3
File Information
- Size
- 10.0K
- SHA-1
- 83d084238b935f7ba4f6f87853683f28861ec312
- MD5
- b1c4330f4ffc9581ef2cf9d5f0e7fa41
- CRC-32
- 868e9873
- File type
- PK ZIP archive
- First seen
- 2014-07-15