Troj/Snifie-B

Category: Viruses and SpywareProtection available since:17 Dec 2013 05:23:49 (GMT)
Type: TrojanLast Updated:21 Feb 2014 21:44:24 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Snifie-B include:

Example 1

File Information

Size
42K
SHA-1
6b634801fd49df0a3cd5d6dcf3183a78c10c8221
MD5
b6c15355030779bf1e495935d90241ee
CRC-32
385c6d7d
File type
Windows executable
First seen
2013-12-05

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\Windows Wins\mswins64.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Application Data\Windows Wins\mswins64.dll
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\findstr.exe
  • c:\windows\system32\tasklist.exe

Example 2

File Information

Size
42K
SHA-1
8c08c65adf56ece90c1e652fb93432888293bf09
MD5
b0742172dfda0929aac8c98337e773f8
CRC-32
74aa0b5d
File type
Windows executable
First seen
2013-11-25

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\Windows Wins\mswins64.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Application Data\Windows Wins\mswins64.dll
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\findstr.exe
  • c:\windows\system32\tasklist.exe

Example 3

File Information

Size
38K
SHA-1
92a29503d88dd20ee719a6baf113a444a3542b44
MD5
9c4eb08295759325a11ac0a6854d30f2
CRC-32
f3af1bce
File type
Windows executable
First seen
2013-05-05

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Local Settings\Application Data\Windows Update\wuauserv.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Application Data\Windows Update\wuauserv.dll
Processes Created
  • c:\windows\system32\cmd.exe
  • c:\windows\system32\findstr.exe
  • c:\windows\system32\tasklist.exe