22.05.2012, 05:25
Malware info:
SHA256: b7c3018de21b95bf8804415cd9ce2e5df4987e605eec8d26b75500ffdca0ac85
SHA1: 4384bb8a7472c4889ee4dfda250b62e1be6c83bf
MD5: 7944a9eaac350ae8c8a0d2ddfcc07201
File size: 291.5 KB ( 298496 bytes )
VT info (31/42):
Changes in the system:
SHA256: b7c3018de21b95bf8804415cd9ce2e5df4987e605eec8d26b75500ffdca0ac85
SHA1: 4384bb8a7472c4889ee4dfda250b62e1be6c83bf
MD5: 7944a9eaac350ae8c8a0d2ddfcc07201
File size: 291.5 KB ( 298496 bytes )
VT info (31/42):
[Aby zobaczyć linki, zarejestruj się tutaj]
Changes in the system:
- Registry Key:
HKLM\Software\Microsoft\Active Setup\Installed Components\{XeJngJXf-ODXg-ffJf-IGRj-b8ZmzFObCacv}\VX5LWxsct4OYCCz: ""%Appdata%\itunes_service86.exe" /ActiveX"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VX5LWxsct4OYCCz: "%Appdata%\itunes_service86.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\VX5LWxsct4OYCCz: "%Appdata%\itunes_service86.exe"
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: "%Appdata%\itunes_service86.exe"
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: "%Appdata%\itunes_service86.exe,%WinDir%\System32\userinit.exe,"
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: "%Appdata%\itunes_service86.exe"
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: "%Appdata%\itunes_service86.exe,%WinDir%\System32\userinit.exe,"
Files:
%Appdata%\ itunes_service86.exe
Treść widoczna jedynie dla zarejestrowanych użytkowników