Troj/Mdrop-EIN

Category: Viruses and SpywareProtection available since:28 Jun 2012 11:35:31 (GMT)
Type: TrojanLast Updated:28 Jun 2012 11:35:31 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Mdrop-EIN exhibits the following characteristics:

File Information

Size
92K
SHA-1
69eccd437e07b6a84f4b5fc24bbf327b38df2db0
MD5
9b626c63480a0b150123022b8f71db79
CRC-32
bc5df6f7
File type
Windows executable
First seen
2012-06-28

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\KB00954719.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    KB00954719.exe
    "c:\Documents and Settings\test user\Application Data\KB00954719.exe"
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    GlobalUserOffline
    0x00000000
Processes Created
  • c:\Documents and Settings\test user\application data\kb00954719.exe
  • c:\windows\system32\cmd.exe
IP Connections
  • 110.234.150.163:8080
  • 123.49.61.59:8080
  • 173.203.96.79:8080
  • 184.106.189.124:8080
  • 190.81.107.70:8080
  • 202.143.147.35:8080
  • 203.172.252.26:8080
  • 203.172.252.29:8080
  • 203.217.147.52:8080
  • 211.44.250.173:8080
  • 41.168.5.140:8080
  • 83.238.208.55:8080
  • 89.111.176.87:8080
  • 91.121.103.143:8080
  • 95.142.167.193:8080
  • 97.74.75.172:8080