Troj/Xrat-R

Category: Viruses and Spyware Protection available since:12 Dec 2016 00:22:18 (GMT)
Type: Trojan Last Updated:12 Dec 2016 00:22:18 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Xrat-R exhibits the following characteristics:

File Information

Size
1.1M
SHA-1
5c533a9f95f69c98f5926810f0cf78fa7a6cf447
MD5
c6e081d416d2bde4d450f7dc34c1351c
CRC-32
f70ab7ef
File type
Windows executable
First seen
2016-12-11

Runtime Analysis

Registry Keys Created
  • HKCU\Software\zUB8dknwC
    InstalledServer
    c:\Documents and Settings\test user\Application Data\f6hjg\28dpo.exe
  • HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
    GWlgQh
    C:\GWlgQhGWlgQh\GWlgQh.vbs
Processes Created
  • c:\Documents and Settings\test user\application data\f6hjg\28dpo.exe
  • c:\windows\microsoft.net\framework\v2.0.50727\csc.exe
HTTP Requests
  • http://dryversdocumentsandcustom.com/0ff1c3v4l1dKey2017.exe
DNS Requests
  • c0pywins.is-not-certified.com
  • dryversdocumentsandcustom.com
  • h1h1tl3r.click
  • k4l1m3r4.publicvm.com
  • sslwin.moneyhome.biz
  • wins10up.16-b.it

download Try Sophos products for free
Download now