Troj/FakeAV-GOJ

Category: Viruses and Spyware
Protection available since: 29 Apr 2013 20:18:37 (GMT)
Type: Trojan
Last Updated: 03 May 2013 23:37:07 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/FakeAV-GOJ include:

Example 1

File Information

Size: 835K
SHA-1: 0f604c94a31d457e846cebb1723022308f61ba9a
MD5: 36a9c94fa2082a9196016a3b7a51c358
CRC-32: bb1ed33a
File type: Windows executable
First seen: 2013-04-28

Runtime Analysis

Processes Created
  • c:\windows\system32\spoolsv.exe
HTTP Requests
  • http://saggerboy.com/images/m.php
  • http://www.banglamasala.com/ccbill/m.php
DNS Requests
  • saggerboy.com
  • www.banglamasala.com

Example 2

File Information

Size: 835K
SHA-1: 0ff41a3e3e599f0eef71cef7c8846dbee82cc94a
MD5: 854b2da626c86db6921f3271eed13d88
CRC-32: 09f03794
File type: Windows executable
First seen: 2013-04-28

Runtime Analysis

Processes Created
  • c:\windows\system32\spoolsv.exe
HTTP Requests
  • http://saggerboy.com/images/m.php
  • http://www.banglamasala.com/ccbill/m.php
DNS Requests
  • saggerboy.com
  • www.banglamasala.com

Example 3

File Information

Size: 835K
SHA-1: 10a020f1e7753809a84476f6b438d57ed74a6141
MD5: 123dfaa8053bfed417f1fd04f0b13a54
CRC-32: 99f03ccf
File type: Windows executable
First seen: 2013-04-28

Runtime Analysis

Processes Created
  • c:\documents and settings\all users\application data\amsecure.exe
  • c:\windows\system32\spoolsv.exe
HTTP Requests
  • http://saggerboy.com/images/m.php
  • http://www.banglamasala.com/ccbill/m.php
DNS Requests
  • saggerboy.com
  • www.banglamasala.com
