Troj/Redyms-D

Category: Viruses and Spyware
Protection available since: 06 Mar 2013 19:44:38 (GMT)
Type: Trojan
Last Updated: 06 Mar 2013 19:44:38 (GMT)
Prevalence: Small Number of Reports


Troj/Redyms-D exhibits the following characteristics:

File Information

Size: 116K
SHA-1: 83235f7ed4d74e8658010b146d54be389260f68a
MD5: 88c357ee0735c5e23d6cdbddd2b20daf
CRC-32: 8a2320fe
File type: Windows executable
First seen: 2013-03-06

Runtime Analysis

Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
    cababaafcad
    c:\Documents and Settings\test user\Application Data\26c19984-2a01-45b5-a7b3-a568af60c200ad\cababaafcad.exe
  • HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION
    winhlp32.exe
    0x00001f40
  • HKCU\Software\Adobe\CSXS.2.5
    tLastP_Reader
Processes Created
  • c:\windows\twunk_32.exe
HTTP Requests
  • http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
  • http://www.microsoft.com/
DNS Requests
  • fpdownload.macromedia.com
  • fpdownload2.macromedia.com
  • jwitdukznswzbk.net
  • www.microsoft.com