Troj/Agent-ALMD

Category: Viruses and Spyware Protection available since:05 Feb 2015 02:09:12 (GMT)
Type: Trojan Last Updated:05 Feb 2015 02:09:12 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Agent-ALMD include:

Example 1

File Information

Size
47K
SHA-1
0ab491121897f04fb2d6400a010b3265ec04c2aa
MD5
0dc955b297f1745c7e7948eff4bd6a06
CRC-32
0df042c1
File type
Windows executable
First seen
2015-02-04

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.rtf
    Size
    3.2K
    SHA-1
    385376b765ed09f23764637df6c93ebda7a873c6
    MD5
    ba28ce7d0e2cac175feaeceb1b03453c
    CRC-32
    4ea4821e
    File type
    Rich Text Format (RTF)
    First seen
    2015-02-04
  • c:\Documents and Settings\test user\Local Settings\Temp\sozesy.cda
    Size
    1.7K
    SHA-1
    851b0f4ba9ee156f875ab0c142f5eeacb5d43c6a
    MD5
    c29ba97cf97d7757c3c6ddff3137046d
    CRC-32
    34445a34
    File type
    Microsoft CAB archive
    First seen
    2015-02-04
Processes Created
  • c:\program files\windows nt\accessories\wordpad.exe
DNS Requests
  • bikeceuta.com
  • cargol.cat
  • ppc.cba.pl
  • smartoptionsinc.com

Example 2

File Information

Size
46K
SHA-1
0b7ff6361976599f3bcf6b33983406e4ce4f0efd
MD5
345ece22b9d37aa9bf42c3397c6916a8
CRC-32
87eef528
File type
Windows executable
First seen
2015-02-04

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.rtf
    Size
    3.2K
    SHA-1
    385376b765ed09f23764637df6c93ebda7a873c6
    MD5
    ba28ce7d0e2cac175feaeceb1b03453c
    CRC-32
    4ea4821e
    File type
    Rich Text Format (RTF)
    First seen
    2015-02-04
  • c:\Documents and Settings\test user\Local Settings\Temp\wolo.mpg
    Size
    1.7K
    SHA-1
    851b0f4ba9ee156f875ab0c142f5eeacb5d43c6a
    MD5
    c29ba97cf97d7757c3c6ddff3137046d
    CRC-32
    34445a34
    File type
    Microsoft CAB archive
    First seen
    2015-02-04
Processes Created
  • c:\program files\windows nt\accessories\wordpad.exe
DNS Requests
  • bikeceuta.com
  • cargol.cat
  • ppc.cba.pl
  • smartoptionsinc.com

Example 3

File Information

Size
44K
SHA-1
0c3cbfa1fb5f1d534d6bfed1bb1c6a5adf99f738
MD5
730fda86632b6b1ada6ba855a0bceb89
CRC-32
c707faac
File type
Windows executable
First seen
2015-02-04

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\devyn.bmp
    Size
    1.7K
    SHA-1
    851b0f4ba9ee156f875ab0c142f5eeacb5d43c6a
    MD5
    c29ba97cf97d7757c3c6ddff3137046d
    CRC-32
    34445a34
    File type
    Microsoft CAB archive
    First seen
    2015-02-04
  • c:\Documents and Settings\test user\Local Settings\Temp\sample.rtf
    Size
    3.2K
    SHA-1
    385376b765ed09f23764637df6c93ebda7a873c6
    MD5
    ba28ce7d0e2cac175feaeceb1b03453c
    CRC-32
    4ea4821e
    File type
    Rich Text Format (RTF)
    First seen
    2015-02-04
Processes Created
  • c:\program files\windows nt\accessories\wordpad.exe
DNS Requests
  • bikeceuta.com
  • cargol.cat
  • ppc.cba.pl
  • smartoptionsinc.com