Troj/VB-FIE

    Category: Viruses and SpywareProtection available since:13 Jun 2011 07:40:50 (GMT)
    Type: TrojanLast Updated:13 Jun 2011 07:40:50 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Troj/VB-FIE exhibits the following characteristics:

    File Information

    Size
    804K
    SHA-1
    ffea5af75fcbefb0c8656e69cd552436c2b47749
    MD5
    1becd907771df1919ae4b98f6e48a4d1
    CRC-32
    00e65919
    File type
    application/x-ms-dos-executable
    First seen
    2011-06-13

    Runtime Analysis

    Copies Itself To
    • c:\Documents and Settings\test user\Wins7\msmm.exe
    Dropped Files
    • c:\Documents and Settings\test user\Local Settings\Temp\~DF9FFB.tmp
      Size
      16K
      SHA-1
      6119e0197a1919badd959b904298b0a158d69b02
      MD5
      614b7e36e27f915ee7bd8234d9068002
      CRC-32
      916b9da7
      File type
      application/octet-stream
      First seen
      2010-11-03
    • c:\Documents and Settings\test user\Start Menu\Programs\Startups\desktop.ini
    Modified Files
    • %STARTMENU%\Programs\Startup
      • Set the hidden and system flags
    Registry Keys Created
    • HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
      C:\WINDOWS\system32\cmd.exe
      RUNASADMIN
    Processes Created
    • c:\documents and settings\support\wins7\msmm.exe

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection