Troj/PWS-BXJ

Category: Viruses and Spyware
Protection available since: 25 May 2012 02:05:49 (GMT)
Type: Trojan
Last Updated: 25 May 2012 02:05:49 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/PWS-BXJ include:

Example 1

File Information

Size: 69K
SHA-1: 12adff16108519d0e85d88c17964454f796e1024
MD5: 98c6e985266f4258c79727449964c25b
CRC-32: 14a59f4d
File type: Windows executable
First seen: 2012-04-18

Other vendor detection

Avira: TR/Crypt.FKM.Gen

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe
    Size: 380K
    SHA-1: be2048c3f8df028b6000156b946a25b526d4ff79
    MD5: a6bb557725570377cb84823328e94901
    CRC-32: 20a06f39
    File type: Windows executable
    First seen: 2011-09-22
  • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe_ADS_AlternateDataStream_Found_zone.identifier
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    WarnonZoneCrossing = 0x00000000
HTTP Requests
  • http://belgacombe.sytes.net/
  • http://belgacombe.sytes.net/direct.aspx
  • http://belgacombe.sytes.net/error.aspx
DNS Requests
  • belgacombe.sytes.net

Example 2

File Information

Size: 65K
SHA-1: 865e87920eca5d05766b96f8666274eacb31234e
MD5: 52f557953c7dba2eee513f0d0cc909a3
CRC-32: a5f8407f
File type: Windows executable
First seen: 2012-05-24

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe
    Size: 380K
    SHA-1: be2048c3f8df028b6000156b946a25b526d4ff79
    MD5: a6bb557725570377cb84823328e94901
    CRC-32: 20a06f39
    File type: Windows executable
    First seen: 2011-09-22
  • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe_ADS_AlternateDataStream_Found_zone.identifier
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    WarnOnPostRedirect = 0x00000000
HTTP Requests
  • http://www.wmicrosoftw3.com/
  • http://www.wmicrosoftw3.com/direct.aspx
DNS Requests
  • www.wmicrosoftw3.com

Example 3

File Information

Size: 65K
SHA-1: ea38563d3a465d135ebb45de66f559677a1a7420
MD5: f47966e63ffb07ec6cd43b74663936b3
CRC-32: c19adede
File type: Windows executable
First seen: 2012-05-24

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe_ADS_AlternateDataStream_Found_zone.identifier
  • c:\Documents and Settings\test user\Local Settings\Temp\wuacult.exe
    Size: 380K
    SHA-1: be2048c3f8df028b6000156b946a25b526d4ff79
    MD5: a6bb557725570377cb84823328e94901
    CRC-32: 20a06f39
    File type: Windows executable
    First seen: 2011-09-22
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    WarnOnPostRedirect = 0x00000000
HTTP Requests
  • http://nytimes.myvnc.com/
  • http://nytimes.myvnc.com/direct.aspx
DNS Requests
  • nytimes.myvnc.com