04.07.2012, 05:01
Malware info:
SHA256: 78171c18d2a7dc80b3e37e3cbeb4d3c22c8173cd541e0a22eecadc1b1178059e
SHA1: 9e6b282ab5c761df99178f70275998d2feb6e82a
MD5: 68977b34ae1c089cd28d95769badd67a
File size: 458752 bytes
VT info (28/42):
Changes in the system:
- Registry Key:
HKLM\Software\Microsoft\Active Setup\Installed Components\{A0EAAA05-D3A2-4AEF-CF07-ACBC6959F15F}\StubPath: "%Appdata%\S8FRKQM7K2.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\run\Windows Defender: "%Appdata%\S8FRKQM7K2.exe"
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Windows Defender: "%Appdata%\S8FRKQM7K2.exe"
HKCU\Software\Microsoft\Active Setup\Installed Components\{A0EAAA05-D3A2-4AEF-CF07-ACBC6959F15F}\StubPath: "%Appdata%\S8FRKQM7K2.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Windows Defender: "%Appdata%\S8FRKQM7K2.exe"
Files:
%Appdata%\S8FRKQM7K2.exe
%Appdata%\windows update
Added: 04 Jul 2012, 8:01
Malware info:
SHA256: 219a034c7db02a3bf1dc421fa786e573b1d2afa5803b670a7d9ac11b9980f965
SHA1: 002da7d2f61a3f06405f7790d03e22412c8016e4
MD5: 032d6bfa188df96cc57012b469870712
File size:bytes
VT info (34/42):
Changes in the system:
- Registry Key:
HKLM\System\CurrentControlSet\Services\win32x\ImagePath: "\??\%SysDir%\drivers\win32x.sys"
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\529C50D8212C2CDD013C3344D151FC4E: "%Common Appdata%\529C50D8212C2CDD013C3344D151FC4E\529C50D8212C2CDD013C3344D151FC4E.exe"
Files:
%Desktop%\Live Security Platinum.lnk
%Temp%\c923026132d91e02.exe
%Programs%\Live Security Platinum\Live Security Platinum.lnk
%Common Appdata%\529C50D8212C2CDD013C3344D151FC4E\529C50D8212C2CDD013C3344D151FC4E
%Common Appdata%\529C50D8212C2CDD013C3344D151FC4E\529C50D8212C2CDD013C3344D151FC4E.exe - random filename
%SysDir%\drivers\win32x.sys
%SysDir%\win32x.exe