Troj/PWS-BXJ

    Category: Viruses and SpywareProtection available since:25 May 2012 02:05:49 (GMT)
    Type: TrojanLast Updated:25 May 2012 02:05:49 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Examples of Troj/PWS-BXJ include:

    Example 1

    File Information

    Size
    69K
    SHA-1
    12adff16108519d0e85d88c17964454f796e1024
    MD5
    98c6e985266f4258c79727449964c25b
    CRC-32
    14a59f4d
    File type
    Windows executable
    First seen
    2012-04-18

    Other vendor detection

    Avira
    TR/Crypt.FKM.Gen

    Runtime Analysis

    Dropped Files
    • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe
      Size
      380K
      SHA-1
      be2048c3f8df028b6000156b946a25b526d4ff79
      MD5
      a6bb557725570377cb84823328e94901
      CRC-32
      20a06f39
      File type
      Windows executable
      First seen
      2011-09-22
    • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe_ADS_AlternateDataStream_Found_zone.identifier
    Registry Keys Created
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
      WarnonZoneCrossing
      0x00000000
    HTTP Requests
    • http://belgacombe.sytes.net/
    • http://belgacombe.sytes.net/direct.aspx
    • http://belgacombe.sytes.net/error.aspx
    DNS Requests
    • belgacombe.sytes.net

    Example 2

    File Information

    Size
    65K
    SHA-1
    865e87920eca5d05766b96f8666274eacb31234e
    MD5
    52f557953c7dba2eee513f0d0cc909a3
    CRC-32
    a5f8407f
    File type
    Windows executable
    First seen
    2012-05-24

    Runtime Analysis

    Dropped Files
    • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe
      Size
      380K
      SHA-1
      be2048c3f8df028b6000156b946a25b526d4ff79
      MD5
      a6bb557725570377cb84823328e94901
      CRC-32
      20a06f39
      File type
      Windows executable
      First seen
      2011-09-22
    • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe_ADS_AlternateDataStream_Found_zone.identifier
    Registry Keys Created
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
      WarnOnPostRedirect
      0x00000000
    HTTP Requests
    • http://www.wmicrosoftw3.com/
    • http://www.wmicrosoftw3.com/direct.aspx
    DNS Requests
    • www.wmicrosoftw3.com

    Example 3

    File Information

    Size
    65K
    SHA-1
    ea38563d3a465d135ebb45de66f559677a1a7420
    MD5
    f47966e63ffb07ec6cd43b74663936b3
    CRC-32
    c19adede
    File type
    Windows executable
    First seen
    2012-05-24

    Runtime Analysis

    Dropped Files
    • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe_ADS_AlternateDataStream_Found_zone.identifier
    • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe
      Size
      380K
      SHA-1
      be2048c3f8df028b6000156b946a25b526d4ff79
      MD5
      a6bb557725570377cb84823328e94901
      CRC-32
      20a06f39
      File type
      Windows executable
      First seen
      2011-09-22
    Registry Keys Created
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
      WarnOnPostRedirect
      0x00000000
    HTTP Requests
    • http://nytimes.myvnc.com/
    • http://nytimes.myvnc.com/direct.aspx
    DNS Requests
    • nytimes.myvnc.com

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection