Troj/FakeAV-DAQ

Category: Viruses and Spyware
Protection available since: 28 Mar 2011 05:26:24 (GMT)
Type: Trojan
Last Updated: 28 Mar 2011 05:26:24 (GMT)
Prevalence: Small Number of Reports

Troj/FakeAV-DAQ exhibits the following characteristics:

File Information

Size: 534K
SHA-1: eece143f5ca6fceeb50ab0f003b10e5cd57de458
MD5: 2489f46c8a5e7fe811387f14ba4de634
CRC-32: 0ddfa31b
File type: application/x-ms-dos-executable
First seen: 2011-03-28

Other vendor detection

Kaspersky: Trojan-Downloader.Win32.FraudLoad.zaxe

Runtime Analysis

Copies Itself To
  • C:\Documents and Settings\All Users\Application Data\JmpyxPEOWqPO.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
    DisableTaskMgr
    0x00000001
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system
    DisableTaskMgr
    0x00000001
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    JmpyxPEOWqPO
    C:\Documents and Settings\All Users\Application Data\JmpyxPEOWqPO.exe
HTTP Requests
  • http://searchgrumpy.org/404.php
DNS Requests
  • searchgrumpy.org