24.08.2012, 08:49
Malware info:
SHA256: 1496587628524b2b625e450bcd97cb5a8b62279396a10986cf8d3d2cfc684a8f
SHA1: f8dd5046c92d79a0ca932eca5e97c2f6de481c5b
MD5: 684d444c7a057c078496b0c2a7a698a6
File size: 497.7 KB ( 509670 bytes )
VT info (21/42):
Changes in the system:
SHA256: 1496587628524b2b625e450bcd97cb5a8b62279396a10986cf8d3d2cfc684a8f
SHA1: f8dd5046c92d79a0ca932eca5e97c2f6de481c5b
MD5: 684d444c7a057c078496b0c2a7a698a6
File size: 497.7 KB ( 509670 bytes )
VT info (21/42):
[Aby zobaczyć linki, zarejestruj się tutaj]
Changes in the system:
- Registry Key:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SystemWin: "rundll32 "%Local Appdata%\win.dll,run""
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\SystemWin2: "rundll32 "%Local Appdata%\win2.dll,run""
Files:
%Local Appdata%\win.dll
%Local Appdata%\win.dys
%Local Appdata%\win2.dll
Treść widoczna jedynie dla zarejestrowanych użytkowników