Troj/VB-FIE

Category: Viruses and SpywareProtection available since:13 Jun 2011 07:40:50 (GMT)
Type: TrojanLast Updated:13 Jun 2011 07:40:50 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/VB-FIE exhibits the following characteristics:

File Information

Size
804K
SHA-1
ffea5af75fcbefb0c8656e69cd552436c2b47749
MD5
1becd907771df1919ae4b98f6e48a4d1
CRC-32
00e65919
File type
application/x-ms-dos-executable
First seen
2011-06-13

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Wins7\msmm.exe
Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\~DF9FFB.tmp
    Size
    16K
    SHA-1
    6119e0197a1919badd959b904298b0a158d69b02
    MD5
    614b7e36e27f915ee7bd8234d9068002
    CRC-32
    916b9da7
    File type
    application/octet-stream
    First seen
    2010-11-03
  • c:\Documents and Settings\test user\Start Menu\Programs\Startups\desktop.ini
Modified Files
  • %STARTMENU%\Programs\Startup
    • Set the hidden and system flags
Registry Keys Created
  • HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
    C:\WINDOWS\system32\cmd.exe
    RUNASADMIN
Processes Created
  • c:\documents and settings\support\wins7\msmm.exe