Troj/Agent-UNK

Category: Viruses and SpywareProtection available since:19 Jan 2012 13:45:17 (GMT)
Type: TrojanLast Updated:19 Jan 2012 13:45:17 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Agent-UNK exhibits the following characteristics:

File Information

Size
332K
SHA-1
caf64e4a9f9cd0f3cd90ae6855d31a7ccf25758b
MD5
bafbeea4639071bb75d5c0216d7f0659
CRC-32
6bcf16ca
File type
application/x-ms-dos-executable
First seen
2012-01-19

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\apocalyps32.exe
Dropped Files
  • C:\WINDOWS\ap0calypse_601F769F\ServerLogs\support\19-01-2012
    Size
    307
    SHA-1
    2432a924fb4213849453412ebf764489e1f1dd5b
    MD5
    efd5d660664e4a87c5dbc55a82246f79
    CRC-32
    ba213c26
    File type
    application/octet-stream
    First seen
    2012-01-19
Registry Keys Created
  • HKCU\Software\apocalyps32
    Sifre
    ap0calypse
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    apocalyps32
    C:\WINDOWS\apocalyps32.exe
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit
    C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\apocalyps32.exe
Processes Created
  • c:\windows\apocalyps32.exe
DNS Requests
  • legolas8.no-ip.biz