Troj/Agent-ALLW

Category: Viruses and Spyware Protection available since:04 Feb 2015 18:54:24 (GMT)
Type: Trojan Last Updated:25 Feb 2015 17:06:05 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Agent-ALLW include:

Example 1

File Information

Size
47K
SHA-1
0008b60a89bcc0e4716717c15048e8aa50dd0ebd
MD5
7e3bd1adc74cb52c43993e1c4a62328f
CRC-32
448fbf49
File type
Windows executable
First seen
2015-02-04

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\jun.mdv
    Size
    1.7K
    SHA-1
    851b0f4ba9ee156f875ab0c142f5eeacb5d43c6a
    MD5
    c29ba97cf97d7757c3c6ddff3137046d
    CRC-32
    34445a34
    File type
    Microsoft CAB archive
    First seen
    2015-02-04
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.rtf
    Size
    3.2K
    SHA-1
    385376b765ed09f23764637df6c93ebda7a873c6
    MD5
    ba28ce7d0e2cac175feaeceb1b03453c
    CRC-32
    4ea4821e
    File type
    Rich Text Format (RTF)
    First seen
    2015-02-04
Processes Created
  • c:\program files\windows nt\accessories\wordpad.exe
DNS Requests
  • bikeceuta.com
  • cargol.cat
  • ppc.cba.pl
  • smartoptionsinc.com

Example 2

File Information

Size
1.8M
SHA-1
005abbf8df14355a09b8e6e14fdc4c45844065cb
MD5
126341e41b9413129d6c1cbf9af56e2c
CRC-32
96a6d46c
File type
Windows executable
First seen
2015-02-07

Example 3

File Information

Size
47K
SHA-1
00b78cdfa12bbe2d539d0bad8a1bcec43c0f5e2a
MD5
9b0799889b2f1e63096549ae4a4135e9
CRC-32
3f5203ba
File type
Windows executable
First seen
2015-02-04

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.rtf
    Size
    3.2K
    SHA-1
    385376b765ed09f23764637df6c93ebda7a873c6
    MD5
    ba28ce7d0e2cac175feaeceb1b03453c
    CRC-32
    4ea4821e
    File type
    Rich Text Format (RTF)
    First seen
    2015-02-04
  • c:\Documents and Settings\test user\Local Settings\Temp\heqehev.mpg
    Size
    1.7K
    SHA-1
    851b0f4ba9ee156f875ab0c142f5eeacb5d43c6a
    MD5
    c29ba97cf97d7757c3c6ddff3137046d
    CRC-32
    34445a34
    File type
    Microsoft CAB archive
    First seen
    2015-02-04
Processes Created
  • c:\program files\windows nt\accessories\wordpad.exe
DNS Requests
  • bikeceuta.com
  • cargol.cat
  • ppc.cba.pl
  • smartoptionsinc.com