Examples of Troj/DelpInj-C include:
Example 1
File Information
- Size
- 24M
- SHA-1
- 0c830671d38df2acf1dc09b59426b382453a1066
- MD5
- fb0d1a6dd3c19de65b6a9798b06783c2
- CRC-32
- a163b4af
- File type
- application/x-ms-dos-executable
- First seen
- 2011-10-07
Runtime Analysis
Copies Itself To
- c:\Documents and Settings\test user\Application Data\WindowsUpdater_x64.exe
Registry Keys Created
- HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
- c:\Documents and Settings\test user\Application Data\WindowsUpdater_x64.exe
- c:\Documents and Settings\test user\Application Data\WindowsUpdater_x64.exe:*:Enabled:
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
- s1FNz1u3xqxrxKK
- c:\Documents and Settings\test user\Application Data\WindowsUpdater_x64.exe
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run
- s1FNz1u3xqxrxKK
- c:\Documents and Settings\test user\Application Data\WindowsUpdater_x64.exe
Processes Created
- c:\Documents and Settings\test user\application data\windowsupdater_x64.exe
HTTP Requests
- http://update.tequila-zimt.info/aldi/gate.php
DNS Requests
Example 2
File Information
- File type
- application/x-ms-dos-executable
Example 3
File Information
- Size
- 32M
- SHA-1
- c6aeade72376ea338f082eb4d6be5e55e7246801
- MD5
- 67cf625d6e47ce1e214b97194cd99862
- CRC-32
- f080c4ad
- File type
- application/x-ms-dos-executable
- First seen
- 2011-10-13