Troj/Nanocor-HW

Category: Viruses and SpywareProtection available since:21 Sep 2016 15:16:52 (GMT)
Type: TrojanLast Updated:21 Sep 2016 15:16:52 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Nanocor-HW exhibits the following characteristics:

File Information

Size
461K
SHA-1
dac1d047de3daf968126bee5e1c3e1a22c7140cc
MD5
1eb3e861fb81006460a21569123f63ee
CRC-32
36e17820
File type
Windows executable
First seen
2016-09-20

Other vendor detection

Avira
TR/Dropper.Gen

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\winlogon.exe
Dropped Files
  • c:\Documents and Settings\test user\Application Data\26C19984-2A01-45B5-A7B3-A568AF60C200\run.dat
Processes Created
  • c:\windows\system32\schtasks.exe
HTTP Requests
  • http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt
  • http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt
IP Connections
  • 8.8.8.8:53
DNS Requests
  • cacerts.digicert.com
  • classiccream.hopto.org
  • www.download.windowsupdate.com