Troj/Trackr-AN

    Category: Viruses and SpywareProtection available since:08 Apr 2015 23:21:25 (GMT)
    Type: TrojanLast Updated:08 Apr 2015 23:21:25 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Examples of Troj/Trackr-AN include:

    Example 1

    File Information

    Size
    296K
    SHA-1
    b1983db46e0cb4687e4c55b64c4d8d53551877fa
    MD5
    c86327222d873fb4e12900a5cadcb849
    CRC-32
    739d4f70
    File type
    Windows executable
    First seen
    2011-05-13

    Runtime Analysis

    Copies Itself To
    • C:\WINDOWS\system32\wnhelp.exe
    Dropped Files
    • C:\WINDOWS\system32\perfb419.dat
      Size
      35
      SHA-1
      4fa316d71e2be262313fd27cd94bf65cc210219e
      MD5
      e4111f64a4f3c5eda6d260597f49235c
      CRC-32
      7cd92f8f
      File type
      ASCII text / 8-bit Unicode Transformation Format
      First seen
      2015-04-08
    • C:\WINDOWS\system32\DebugConsole.log
      Size
      62
      SHA-1
      33c64166ef327562fcf92f3789c46347ad8310ff
      MD5
      2f77f6d70d001c49f2a8310d8195387f
      CRC-32
      da016acf
      File type
      Data Log File (generic)
      First seen
      2015-04-08
    • C:\bin\DebugConsole.log
      Size
      122
      SHA-1
      18b826445a2cb0c110cd90cc6ec860c54f028f2d
      MD5
      0aaa991339a0ad081d3a96d9fe7728dc
      CRC-32
      4c9c98f8
      File type
      Data Log File (generic)
      First seen
      2015-04-08
    Registry Keys Created
    • HKLM\SYSTEM\CurrentControlSet\Services\Windows Media Help\Security
      Security
      □□□@□□□□□□□□□□□□□□@□□□□□□□□□□□ □□□□□□□□□□□ □□@□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□@□□□□□□□□@□□□□□ □□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□@□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□0□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□ □□□□□
    • HKLM\SYSTEM\CurrentControlSet\Services\Windows Media Help\Enum
      NextInstance
      0x00000001
    • HKLM\SYSTEM\CurrentControlSet\Services\Windows Media Help
      FailureActions
      □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□N□□□□
    Processes Created
    • c:\windows\system32\wnhelp.exe

    Example 2

    File Information

    File type
    Windows executable

    Runtime Analysis

    Copies Itself To
    • C:\WINDOWS\system32\wnhelp.exe
    Dropped Files
    • C:\bin\DebugConsole.log
      Size
      122
      SHA-1
      deb1278f05d7c4a5147046360fa074a2fb313472
      MD5
      38b47922d31b46ffa44cde7fcae480b6
      CRC-32
      4b118a62
      File type
      Data Log File (generic)
      First seen
      2015-04-08
    • C:\WINDOWS\system32\perfb419.dat
      Size
      35
      SHA-1
      34ed01e41bf9fcb00aa7c9ed3f00ea0134770316
      MD5
      7a27d6e4fe6479cc4c449c4db8c6d944
      CRC-32
      b44d0c28
      File type
      ASCII text / 8-bit Unicode Transformation Format
      First seen
      2015-04-08
    • C:\WINDOWS\system32\DebugConsole.log
      Size
      62
      SHA-1
      ebd685945ee35b3f6133541f8e73f88b3e89a149
      MD5
      fc6b6c536c01ef6352c5c00517c9edd2
      CRC-32
      ca4920e4
      File type
      Data Log File (generic)
      First seen
      2015-04-08
    Registry Keys Created
    • HKLM\SYSTEM\CurrentControlSet\Services\Windows Media Help
      FailureActions
      □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□N□□□□
    • HKLM\SYSTEM\CurrentControlSet\Services\Windows Media Help\Security
      Security
      □□□@□□□□□□□□□□□□□□@□□□□□□□□□□□ □□□□□□□□□□□ □□@□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□@□□□□□□□□@□□□□□ □□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□□@□□□□□ □□□□□□□□□□□□□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□□□□0□□□□□□□□□□□□□□□□□ □□□□□□□□□□□□□□□□□ □□□□□
    • HKLM\SYSTEM\CurrentControlSet\Services\Windows Media Help\Enum
      NextInstance
      0x00000001
    Processes Created
    • c:\windows\system32\wnhelp.exe

    Example 3

    File Information

    File type
    Windows executable

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection