Troj/Agent-SSR exhibits the following characteristics:
File Information
- Size
- 124K
- SHA-1
- 51fb31d84cb4fd1f2e2f7d918645410b1c062e9d
- MD5
- 327423c6dd50452bb2d314a5132b7e18
- CRC-32
- 325dad94
- File type
- application/x-ms-dos-executable
- First seen
- 2011-07-21
Runtime Analysis
Dropped Files
- C:\WINDOWS\docrona.dll
- Size
- 124K
- SHA-1
- 4637a8d7c438ecbd6c9aeb28400785d5e5b14dc0
- MD5
- 0fe1de65f11e5d45a6d50f248e919fa1
- CRC-32
- a5b1c170
- File type
- application/x-ms-dos-executable
- First seen
- 2011-07-21
Registry Keys Created
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Tceluvupoqoxevu
- Kxazo
- 43 01 38 03 58 05 51 07 41 09 44 0b 48 0d 41 0f 47 11 41 13 48 15 72 17 77 19 79 1b 6e 1d 71 1f 4e 21 43 23 0a 25 42 27 44 29 46 2b 2c 2d
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- Egiciwuvubom
- rundll32.exe "C:\WINDOWS\docrona.dll",Startup
Processes Created
- c:\windows\system32\rundll32.exe
HTTP Requests
- http://222107db070f.kaylith.net/get2.php
DNS Requests