Troj/Cycbot-O

    Category: Viruses and SpywareProtection available since:21 Oct 2011 11:42:31 (GMT)
    Type: TrojanLast Updated:21 Oct 2011 11:42:31 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Troj/Cycbot-O exhibits the following characteristics:

    Runtime Analysis

    Copies Itself To
    • C:\Program Files\LP\F01D\F76.exe
    Dropped Files
    • C:\Program Files\LP\F01D\2.tmp
    • c:\Documents and Settings\test user\Application Data\DA1A3\337E.A1A
    Registry Keys Created
    • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      F76.exe
      C:\Program Files\LP\F01D\F76.exe
    • HKCU\Software\WinRAR
      HWID
      7b 42 46 42 32 35 43 42 35 2d 39 35 41 33 2d 34 33 39 34 2d 39 30 36 46 2d 34 31 37 33 30 32 44 41 39 41 42 34 7d
    Processes Created
    • c:\program files\lp\f01d\2.tmp
    • c:\windows\system32\msiexec.exe
    HTTP Requests
    • http://crl.microsoft.com/pki/crl/products/CSPCA.crl
    • http://crl.verisign.com/pca3-g2.crl
    • http://csc3-2009-crl.verisign.com/CSC3-2009.crl
    DNS Requests
    • crl.microsoft.com
    • crl.verisign.com
    • csc3-2009-crl.verisign.com
    • ourdatatransfers.com

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection