Troj/Ransom-EHN

Category: Viruses and SpywareProtection available since:28 Feb 2017 22:32:29 (GMT)
Type: TrojanLast Updated:28 Feb 2017 22:32:29 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Ransom-EHN exhibits the following characteristics:

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Application Data\wolverines.dll
  • c:\Documents and Settings\test user\Application Data\bg_blackhalo.png
  • c:\Documents and Settings\test user\Application Data\icon_copypaste_active.png
    Size
    517
    SHA-1
    47ce6dff2a416f11044f2e3338f44b6bbc56c354
    MD5
    48b3e63b2aed6ec27ab691f2e73a5e84
    CRC-32
    6510ebae
    File type
    image/x-png
    First seen
    2017-02-16
  • c:\Documents and Settings\test user\Local Settings\Temp\nsu4.tmp\nsDialogs.dll
  • c:\Documents and Settings\test user\Application Data\icon_makeoffer_inactive.png
    Size
    372
    SHA-1
    e1e89eb9875afc4666a87aad8a642261bae31d09
    MD5
    8b95e799921f25179fc0fe098a0686d5
    CRC-32
    f4e584bc
    File type
    image/x-png
    First seen
    2017-02-28
  • c:\Documents and Settings\test user\Local Settings\Temp\nsu4.tmp\System.dll
  • c:\Documents and Settings\test user\Application Data\icon_recieve_inactive.png
    Size
    401
    SHA-1
    d4f61403333ebc8314a742e46c09915ddb30ec9d
    MD5
    8cd57455ec0aa780c42436423bd4eedf
    CRC-32
    0c025e78
    File type
    image/x-png
    First seen
    2017-02-28
  • c:\Documents and Settings\test user\Application Data\icon_contacts_inactive.png
    Size
    388
    SHA-1
    defd2a120799f9a4733d54aa1cefc596bca36d8a
    MD5
    303d4dd1e3eb1ff28b90f4ddc85ea76a
    CRC-32
    ad53f662
    First seen
    2017-02-17
  • c:\Documents and Settings\test user\Application Data\Edentate.gX