Troj/Autoit-QN

Category: Viruses and Spyware Protection available since:05 Sep 2012 19:17:27 (GMT)
Type: Trojan Last Updated:05 Sep 2012 19:17:27 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Autoit-QN exhibits the following characteristics:

File Information

Size
483K
SHA-1
44ac0e9da1eedc31a0fcb7feb25c66f7a1305a47
MD5
9af8edf2029f46a846751f456ed19c4c
CRC-32
49d7bb44
File type
Windows executable
First seen
2012-08-04

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Microsoft\WinNT.tmp
  • c:\Documents and Settings\test user\Application Data\ntdlr.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\no.edu
    Size
    37K
    SHA-1
    561d62048035603195ab57ad9dffcf111e5491b9
    MD5
    4d432796933fd2d895c167b7fb1510d3
    CRC-32
    526de035
    File type
    Unspecified binary - probably data
    First seen
    2012-09-05
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Video Driver
    c:\Documents and Settings\test user\Application Data\ntdlr.exe
Processes Created
  • c:\Documents and Settings\test user\application data\ntdlr.exe
  • c:\windows\system32\calc.exe
DNS Requests
  • stardaze.sytes.net