25.06.2012, 05:54
Malware info:
SHA256: 325d479c41be4d7d1868633e0cbe9359763f6ac9e2d1605b0e8e0d312b316411
SHA1: 32f3ef83c395a35b3dd385325bb266b8f3d5d448
MD5: 093b6c23306def4e037462acfde76218
File size: 24064 bytes
VT info (34/42):
Changes in the system:
Dodano: 25 Jun 2012, 8:54
Malware info:
SHA256: 9ae2b000c6752e5481a9c68f107b4be9143f35f5571fbc9f6e85b90c1c9de00a
SHA1: 7ebcff3dc248aa1c5ee38efc799b15a228455252
MD5: d1342fe9bf1ee4c41dc58f43cce4312d
File size: 67072 bytes
VT info (31/40):
Changes in the system:
SHA256: 325d479c41be4d7d1868633e0cbe9359763f6ac9e2d1605b0e8e0d312b316411
SHA1: 32f3ef83c395a35b3dd385325bb266b8f3d5d448
MD5: 093b6c23306def4e037462acfde76218
File size: 24064 bytes
VT info (34/42):
[Aby zobaczyć linki, zarejestruj się tutaj]
Changes in the system:
- Registry Key:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-3958\yuwfive172.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\yuwfive172: C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-3958\yuwfive172.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: explorer.exe,C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-3958\yuwfive172.exe
Files:
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-3958\Desktop.ini
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-3958\yuwfive172.exe
Treść widoczna jedynie dla zarejestrowanych użytkowników
Dodano: 25 Jun 2012, 8:54
Malware info:
SHA256: 9ae2b000c6752e5481a9c68f107b4be9143f35f5571fbc9f6e85b90c1c9de00a
SHA1: 7ebcff3dc248aa1c5ee38efc799b15a228455252
MD5: d1342fe9bf1ee4c41dc58f43cce4312d
File size: 67072 bytes
VT info (31/40):
[Aby zobaczyć linki, zarejestruj się tutaj]
Changes in the system:
- Registry Key:
HKLM\Software\Classes\CLSID\{1D104B21-8112-4C32-880C-0531DC50C7FC}\InprocServer32 : %Program Files%\Windows Live\Messenger\msgstray.dll
Files:
%Program Files%\Windows Live\Messenger\msgstray.dll
Treść widoczna jedynie dla zarejestrowanych użytkowników