Troj/Zbot-LVQ

Category: Viruses and Spyware
Type: Trojan
Protection available since: 06 Dec 2017 17:00:18 (GMT)
Last Updated: 06 Dec 2017 17:00:18 (GMT)
Prevalence: Small Number of Reports

Examples of Troj/Zbot-LVQ include:

Example 1

File Information

Size: 99K
SHA-1: c1bfa4f2ab3e5f2d47b6f6516b1ba6843df537a1
MD5: 497556ee295ca22a1cb0560fbc3629bc
CRC-32: f08c27a5
File type: Windows executable
First seen: 2017-11-29

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Microsoft\hostrun.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    {4C55E6E8-044E-11DF-8031-806D6172696F}
    c:\Documents and Settings\test user\Application Data\Microsoft\hostrun.exe
Processes Created
  • c:\Documents and Settings\test user\application data\microsoft\hostrun.exe
  • c:\windows\system32\cmd.exe
DNS Requests
  • bendopedro.jino.ru
  • bendopedro22.ru
  • bendopedro44.ru

Example 2

File Information

Size: 99K
SHA-1: cd44725e69cbc5debf508a41a69e123a24c97c15
MD5: 0a02ec380e858e0148eb36b3dcf02356
CRC-32: 818e8d3d
File type: Windows executable
First seen: 2017-11-15

Runtime Analysis

Copies Itself To
  • c:\Documents and Settings\test user\Application Data\Microsoft\hostrun.exe
Registry Keys Created
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    {4C55E6E8-044E-11DF-8031-806D6172696F}
    c:\Documents and Settings\test user\Application Data\Microsoft\hostrun.exe
Processes Created
  • c:\Documents and Settings\test user\application data\microsoft\hostrun.exe
  • c:\windows\system32\cmd.exe
DNS Requests
  • bendopedro.jino.ru
  • bendopedro22.ru
  • bendopedro44.ru