Troj/VBInjec-CG

Category: Viruses and Spyware
Protection available since: 11 Feb 2011 14:45:13 (GMT)
Type: Trojan
Last Updated: 11 Feb 2011 14:45:13 (GMT)
Prevalence: Small Number of Reports

Troj/VBInjec-CG exhibits the following characteristics:

File Information

Size: 864K
SHA-1: 30aca2ff6eb6504fab163e05d698cb0600a18c3c
MD5: adc4088201e902c6c39dedd789b61d95
CRC-32: 0dc4dbaf
File type: application/x-ms-dos-executable
First seen: 2011-02-11

Other vendor detection

Avira: TR/Dropper.Gen
Kaspersky: Backdoor.Win32.VB.msu

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Windupdt\adobeupdate.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    adobe32
    c:\Documents and Settings\test user\Application Data\Windupdt\adobeupdate.exe
Registry Keys Modified
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
    Userinit
    C:\WINDOWS\system32\userinit.exe,c:\Documents and Settings\test user\Application Data\Windupdt\adobeupdate.exe
Processes Created
  • c:\documents and settings\support\application data\windupdt\adobeupdate.exe
DNS Requests
  • qay345.zapto.org