Troj/Agent-ALHF

Category: Viruses and Spyware
Protection available since: 23 Jan 2015 02:13:08 (GMT)
Type: Trojan
Last Updated: 23 Jan 2015 02:13:08 (GMT)
Prevalence: Small Number of Reports


Examples of Troj/Agent-ALHF include:

Example 1

File Information

Size: 92K
SHA-1: 1864a6f7b164855cc33f9b925c7c204c8000b3c5
MD5: 15a92cdd276474c65fd7fcf07d099d59
CRC-32: 5f7c6e57
File type: Windows executable
First seen: 2015-01-22

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Regcpl\cachedocvw.exe
Dropped Files
  • C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\fc1e3851f429ea606d6ff1e01a5229f1_26c19984-2a01-45b5-a7b3-a568af60c200
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Msadv
    c:\Documents and Settings\test user\Application Data\Regcpl\cachedocvw.exe
Processes Created
  • c:\Documents and Settings\test user\application data\regcpl\cachedocvw.exe
DNS Requests
  • garbux.com

Example 2

File Information

Size: 92K
SHA-1: c4d9ea0771fd391f395c86c65a615cf3ee5bc4d8
MD5: 450f8b3a445b55fdf93910859913bb7b
CRC-32: 142c98d9
File type: Windows executable
First seen: 2015-01-21

Runtime Analysis

Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    Msadv
    c:\Documents and Settings\test user\Application Data\Regcpl\cachedocvw.exe
Processes Created
  • c:\Documents and Settings\test user\application data\regcpl\cachedocvw.exe
DNS Requests
  • garbux.com

Example 3

File Information

Size: 92K
SHA-1: d216b68e29be2c6b4a3b1b55ed92a78bc1705d3d
MD5: 24e01c73a092eb97a83ebc14de7a8d76
CRC-32: f3d9fdcd
File type: Windows executable
First seen: 2015-01-20

Runtime Analysis

Processes Created
  • c:\Documents and Settings\test user\application data\regcpl\cachedocvw.exe
IP Connections
  • 192.168.1.5:80