Troj/Mdrop-DOX

Category: Viruses and SpywareProtection available since:11 Jul 2011 15:20:56 (GMT)
Type: TrojanLast Updated:11 Jul 2011 15:20:56 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Mdrop-DOX exhibits the following characteristics:

File Information

Size
130K
SHA-1
113320eb065c59a6a825b4f424b7b62031e08be8
MD5
14d3537081dc5c801e709965e38b6589
CRC-32
6ed98df6
File type
application/x-ms-dos-executable
First seen
2011-07-10

Runtime Analysis

Copies Itself To
  • C:\WINDOWS\msconfig23.exe
Registry Keys Created
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    Windows Services
    msconfig23.exe
  • HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    c:\test_item.exe
    c:\test_item.exe:*:Enabled:Windows Services
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
    Windows Services
    msconfig23.exe
Registry Keys Modified
  • HKLM\SYSTEM\CurrentControlSet\Services\RemoteAccess\Performance
    Error Count
    0x0000000b