Troj/Trackr-Gen

    Category: Viruses and SpywareProtection available since:21 Nov 2011 18:09:08 (GMT)
    Type: TrojanLast Updated:30 May 2013 20:04:36 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    This Trojan steals Credit card Track1 and Track2 information from PoS systems. We have seen this used in targeted attacks.

    Examples of Troj/Trackr-Gen include:

    Example 1

    File Information

    Size
    281K
    SHA-1
    009e03c17b15848a4353fb77972a24cd2dc4b2e2
    MD5
    743b8fb5ba1fca837f0294cfa45f2911
    CRC-32
    ce98e598
    File type
    Windows executable
    First seen
    2013-03-28

    Example 2

    File Information

    Size
    626K
    SHA-1
    13ef5f8e812a692c0893ad935b48b3f1a4aec615
    MD5
    d31eb6e7f39dde0c2015dc2804c84a85
    CRC-32
    0c04b069
    File type
    Windows executable
    First seen
    2007-07-28

    Runtime Analysis

    Copies Itself To
    • c:\Documents and Settings\test user\Application Data\ALINA_QWTPBT.exe
    Registry Keys Created
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
      ALINAhuahs
      c:\Documents and Settings\test user\Application Data\ALINA_QWTPBT.exe
    Processes Created
    • c:\Documents and Settings\test user\application data\alina_qwtpbt.exe

    Example 3

    File Information

    Size
    129K
    SHA-1
    17f20105db8c8d3c7160b906415343415c665d1d
    MD5
    3696d72af97cad345375bea91561146e
    CRC-32
    e3f703fd
    File type
    application/x-ms-dos-executable
    First seen
    2011-07-20

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection