Troj/Wonton-PS

Category: Viruses and SpywareProtection available since:10 Apr 2015 06:01:28 (GMT)
Type: TrojanLast Updated:15 May 2015 16:18:49 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of Troj/Wonton-PS include:

Example 1

File Information

Size
228K
SHA-1
02f471d8e9b472fbcd031bc8b646a9f91dce0d34
MD5
3ab9f7bfb83d833ed5cac0dd57231b52
CRC-32
6b5bb821
File type
Windows executable
First seen
2015-03-21

Runtime Analysis

Processes Created
  • c:\windows\system32\winver.exe
DNS Requests
  • bcnyibqfbyrr.com
  • bcqxdvgxpkbb.com
  • blackfreeqazyio.cc
  • clcsiuymhbbj.com
  • cpdmjkwiptef.com
  • cpdudyjttkkx.com
  • cshyyniueefk.com
  • dlohcvfyiqjx.com
  • ghhllyblwbnp.com
  • grvrsklpkott.com
  • gvnpnmdnchhw.com
  • gvppwxtdhfed.com
  • hggxhhhpltpj.com
  • hgvijfgpmfmv.com
  • hitpxvurjqbj.com
  • hjtwssgnnqrj.com
  • hptvvvdgxguu.com
  • hpyjdllclmjw.com
  • hqogjiujstsf.com
  • hwbclewlhkjm.com
  • imqlxttnymmy.com
  • imtlmqvwrmjk.com
  • iulydooelfno.com
  • jjiponiwnodg.com
  • jltbbrffrrgd.com
  • jxevtksxwibg.com
  • kkgctymuubef.com
  • lcrymryllgbc.com
  • llmuusogddlg.com
  • lpguggvjcwve.com
  • lpppwvulmrop.com
  • ltdsvuglifrv.com
  • ltxqdnwiijby.com
  • lxwcsfudnwsk.com
  • nfypddikhnip.com
  • nijqhmmeedcq.com
  • nkvvsswwwksi.com
  • nvfowikhevmy.com
  • ocggbyonqtun.com
  • odgmmjwsdsrb.com
  • odohdpwfvfud.com
  • odtdtihsmqdp.com
  • ogwbixihlrip.com
  • ogwcjypfehdw.com
  • ohueqqrjfwnf.com
  • ohxgdcfwuimg.com
  • oimehhhddjyb.com
  • oirytuwpxxef.com
  • onbchiwtxwwx.com
  • ooibcstterum.com
  • ooltunrmtrmy.com
  • ooopgeyhqnni.com
  • oopqitsrrixc.com
  • opfggxwopfkk.com
  • opxhemqgknqj.com
  • oqckhpiyqqll.com
  • oqgoossekhir.com
  • oqxvkgnpxhyi.com
  • ospsfwxwwbsd.com
  • oursreqboqrj.com
  • ourujryoncjb.com
  • ovbcdqqmbhoo.com
  • oykjietwrmlw.com
  • phvehhoejjvn.com
  • pneidxmfmcpe.com
  • pneiidkjihvf.com
  • pxgbtnfybgxi.com
  • pxqgonyogeee.com
  • pyurbvsihkoo.com
  • qdttipqnsren.com
  • rftsxlcgfmmn.com
  • rrirbcpqrsxw.com
  • sjhuqlwrqhqx.com
  • sjvqycppifih.com
  • sjyqvsnymeur.com
  • slcsccpjohpj.com
  • sqqdkoohejgl.com
  • srqpkllgskhw.com
  • swvwwwpjbedw.com
  • ttbcfmqdtlxo.com
  • ttpxryfbcdly.com
  • ttwefowwdyyy.com
  • tuumuorqgvwg.com
  • tuupiyyjnuyh.com
  • txlhnbhuufwd.com
  • uddurstpbiur.com
  • udehrydmrkdt.com
  • uleepxtursfe.com
  • ulpuqvvvyxyy.com
  • uuummdqifcon.com
  • uuuutebcdtgh.com
  • uvvpwmdoocgw.com
  • uvvrknjvrkqn.com
  • wislmudddliw.com
  • wkpiqjpmqlsp.com
  • www.google.com
  • xgbremrrwjjp.com
  • xthiocgkedts.com
  • xxdedjijspof.com
  • yhskvvqbxclu.com
  • ykmyutoxjuqj.com
  • yyqyhyviycru.com

Example 2

File Information

Size
189K
SHA-1
041350ef237e119469be78e1e004794b6a288507
MD5
1656b0101dafa9aa1de6a67c5ab33c62
CRC-32
37a233eb
File type
Windows executable
First seen
2015-03-21

Runtime Analysis

Processes Created
  • c:\windows\system32\winver.exe
DNS Requests
  • bcnyibqfbyrr.com
  • bcqxdvgxpkbb.com
  • blackfreeqazyio.cc
  • clcsiuymhbbj.com
  • cpdmjkwiptef.com
  • cpdudyjttkkx.com
  • cshyyniueefk.com
  • dlohcvfyiqjx.com
  • ghhllyblwbnp.com
  • grvrsklpkott.com
  • gvnpnmdnchhw.com
  • gvppwxtdhfed.com
  • hggxhhhpltpj.com
  • hgvijfgpmfmv.com
  • hitpxvurjqbj.com
  • hjtwssgnnqrj.com
  • hptvvvdgxguu.com
  • hpyjdllclmjw.com
  • hqogjiujstsf.com
  • hwbclewlhkjm.com
  • imqlxttnymmy.com
  • imtlmqvwrmjk.com
  • iulydooelfno.com
  • jjiponiwnodg.com
  • jltbbrffrrgd.com
  • jxevtksxwibg.com
  • kkgctymuubef.com
  • lcrymryllgbc.com
  • llmuusogddlg.com
  • lpguggvjcwve.com
  • lpppwvulmrop.com
  • ltdsvuglifrv.com
  • ltxqdnwiijby.com
  • lxwcsfudnwsk.com
  • nfypddikhnip.com
  • nijqhmmeedcq.com
  • nkvvsswwwksi.com
  • nvfowikhevmy.com
  • ocggbyonqtun.com
  • odgmmjwsdsrb.com
  • odohdpwfvfud.com
  • odtdtihsmqdp.com
  • ogwbixihlrip.com
  • ogwcjypfehdw.com
  • ohueqqrjfwnf.com
  • ohxgdcfwuimg.com
  • oimehhhddjyb.com
  • oirytuwpxxef.com
  • onbchiwtxwwx.com
  • ooibcstterum.com
  • ooltunrmtrmy.com
  • ooopgeyhqnni.com
  • oopqitsrrixc.com
  • opfggxwopfkk.com
  • opxhemqgknqj.com
  • oqckhpiyqqll.com
  • oqgoossekhir.com
  • oqxvkgnpxhyi.com
  • ospsfwxwwbsd.com
  • oursreqboqrj.com
  • ourujryoncjb.com
  • ovbcdqqmbhoo.com
  • oykjietwrmlw.com
  • phvehhoejjvn.com
  • pneidxmfmcpe.com
  • pneiidkjihvf.com
  • pxgbtnfybgxi.com
  • pxqgonyogeee.com
  • pyurbvsihkoo.com
  • qdttipqnsren.com
  • rftsxlcgfmmn.com
  • rrirbcpqrsxw.com
  • sjhuqlwrqhqx.com
  • sjvqycppifih.com
  • sjyqvsnymeur.com
  • slcsccpjohpj.com
  • sqqdkoohejgl.com
  • srqpkllgskhw.com
  • swvwwwpjbedw.com
  • ttbcfmqdtlxo.com
  • ttpxryfbcdly.com
  • ttwefowwdyyy.com
  • tuumuorqgvwg.com
  • tuupiyyjnuyh.com
  • txlhnbhuufwd.com
  • uddurstpbiur.com
  • udehrydmrkdt.com
  • uleepxtursfe.com
  • ulpuqvvvyxyy.com
  • uuummdqifcon.com
  • uuuutebcdtgh.com
  • uvvpwmdoocgw.com
  • uvvrknjvrkqn.com
  • wislmudddliw.com
  • wkpiqjpmqlsp.com
  • www.google.com
  • xgbremrrwjjp.com
  • xthiocgkedts.com
  • xxdedjijspof.com
  • yhskvvqbxclu.com
  • ykmyutoxjuqj.com
  • yyqyhyviycru.com

Example 3

File Information

Size
187K
SHA-1
07331290986259f89965f69211d37de4428a88a6
MD5
183f6a281b8026d7efdfc70a48f3a4de
CRC-32
4156366a
File type
Windows executable
First seen
2015-03-21

Runtime Analysis

Processes Created
  • c:\windows\system32\winver.exe
DNS Requests
  • bcnyibqfbyrr.com
  • bcqxdvgxpkbb.com
  • blackfreeqazyio.cc
  • clcsiuymhbbj.com
  • cpdmjkwiptef.com
  • cpdudyjttkkx.com
  • cshyyniueefk.com
  • dlohcvfyiqjx.com
  • ghhllyblwbnp.com
  • grvrsklpkott.com
  • gvnpnmdnchhw.com
  • gvppwxtdhfed.com
  • hggxhhhpltpj.com
  • hgvijfgpmfmv.com
  • hitpxvurjqbj.com
  • hjtwssgnnqrj.com
  • hptvvvdgxguu.com
  • hpyjdllclmjw.com
  • hqogjiujstsf.com
  • hwbclewlhkjm.com
  • imqlxttnymmy.com
  • imtlmqvwrmjk.com
  • iulydooelfno.com
  • jjiponiwnodg.com
  • jltbbrffrrgd.com
  • jxevtksxwibg.com
  • kkgctymuubef.com
  • lcrymryllgbc.com
  • llmuusogddlg.com
  • lpguggvjcwve.com
  • lpppwvulmrop.com
  • ltdsvuglifrv.com
  • ltxqdnwiijby.com
  • lxwcsfudnwsk.com
  • nfypddikhnip.com
  • nijqhmmeedcq.com
  • nkvvsswwwksi.com
  • nvfowikhevmy.com
  • ocggbyonqtun.com
  • odgmmjwsdsrb.com
  • odohdpwfvfud.com
  • odtdtihsmqdp.com
  • ogwbixihlrip.com
  • ogwcjypfehdw.com
  • ohueqqrjfwnf.com
  • ohxgdcfwuimg.com
  • oimehhhddjyb.com
  • oirytuwpxxef.com
  • onbchiwtxwwx.com
  • ooibcstterum.com
  • ooltunrmtrmy.com
  • ooopgeyhqnni.com
  • oopqitsrrixc.com
  • opfggxwopfkk.com
  • opxhemqgknqj.com
  • oqckhpiyqqll.com
  • oqgoossekhir.com
  • oqxvkgnpxhyi.com
  • ospsfwxwwbsd.com
  • oursreqboqrj.com
  • ourujryoncjb.com
  • ovbcdqqmbhoo.com
  • oykjietwrmlw.com
  • phvehhoejjvn.com
  • pneidxmfmcpe.com
  • pneiidkjihvf.com
  • pxgbtnfybgxi.com
  • pxqgonyogeee.com
  • pyurbvsihkoo.com
  • qdttipqnsren.com
  • rftsxlcgfmmn.com
  • rrirbcpqrsxw.com
  • sjhuqlwrqhqx.com
  • sjvqycppifih.com
  • sjyqvsnymeur.com
  • slcsccpjohpj.com
  • sqqdkoohejgl.com
  • srqpkllgskhw.com
  • swvwwwpjbedw.com
  • ttbcfmqdtlxo.com
  • ttpxryfbcdly.com
  • ttwefowwdyyy.com
  • tuumuorqgvwg.com
  • tuupiyyjnuyh.com
  • txlhnbhuufwd.com
  • uddurstpbiur.com
  • udehrydmrkdt.com
  • uleepxtursfe.com
  • ulpuqvvvyxyy.com
  • uuummdqifcon.com
  • uuuutebcdtgh.com
  • uvvpwmdoocgw.com
  • uvvrknjvrkqn.com
  • wislmudddliw.com
  • wkpiqjpmqlsp.com
  • www.google.com
  • xgbremrrwjjp.com
  • xthiocgkedts.com
  • xxdedjijspof.com
  • yhskvvqbxclu.com
  • ykmyutoxjuqj.com
  • yyqyhyviycru.com