W32/CTX-A

Category: Viruses and SpywareProtection available since:06 Jan 2010 14:09:22 (GMT)
Type: Win32 executable file virusLast Updated:18 Nov 2010 08:53:07 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Examples of W32/CTX-A include:

Example 1

Other vendor detection

Avira
W32/CTX
Kaspersky
Virus.Win32.CTX.6886

Runtime Analysis

Dropped Files
  • C:\WINDOWS\OLD4.tmp
    Size
    45K
    SHA-1
    ccc00c58a231800b0d88c5e73bf5acfe1283cb72
    MD5
    1d9737d540513fee9376084be508c7f5
    CRC-32
    554dbee9
    File type
    application/x-ms-dos-executable
    First seen
    2010-10-27
  • C:\WINDOWS\system32\dllcache\slrundll.exe
Modified Files
  • %SYSTEM%\alg.exe
    • Changed the file contents
  • Normal bit was set, now unset
    • Set the archive flag
  • %SYSTEM%\accwiz.exe
    • Changed the file contents
  • %SYSTEM%\actmovie.exe
    • Changed the file contents
  • %WINDOWS%\notepad.exe
    • Changed the file contents
  • %SYSTEM%\asr_fmt.exe
    • Changed the file contents
  • %SYSTEM%\ahui.exe
    • Changed the file contents
  • %WINDOWS%\Contig.exe
    • Changed the file contents
  • %WINDOWS%\regedit.exe
    • Changed the file contents
  • %WINDOWS%\ST5UNST.EXE
    • Changed the file contents

Example 2

File Information

Size
45K
SHA-1
60f24553c5b40f2f4c2a0d148c1237e46be41125
MD5
eda7608ff98301cb03e3face78382975
CRC-32
734b094e
File type
application/x-ms-dos-executable
First seen
2010-10-27

Example 3

File Information

Size
404K
SHA-1
827e0fe13a50c9cdb7e131f7ea3c81e287adadeb
MD5
21902d45f6b2fc5baca60856121bd8fb
CRC-32
d1ad5544
First seen
2010-08-24