
Malware Report: 9cbb53ff989bde29144d11f3979517ba14c1f904

File SHA1: 9cbb53ff989bde29144d11f3979517ba14c1f904
File MD5 : d0ecbff048f40385ca1da41b7a45987b
File Type: MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
Date: Sat Oct 31 01:15:07 MYT 2009

#– Files Created: –

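/WINDOWS/system32/lowsec
/WINDOWS/system32/sdra64.exe
/workspace/sample.exe

Note: /workspace/sample.exe is most likely the submitted sample as staged by the analysis environment, not a file the sample dropped. The two system32 entries are the host artifacts worth searching for on an endpoint.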

#– Registry Created: –

[SOFTWARE]
[SYSTEM]
[SECURITIES]
[DEFAULT]
+ [default\Software\Microsoft\Protected Storage System Provider\S-1-5-18\Data 2\Windows]
+ [default\Software\Microsoft\Protected Storage System Provider\S-1-5-18\Data 2]
+ [default\Software\Microsoft\Protected Storage System Provider\S-1-5-18]
+ [default\Software\Microsoft\Protected Storage System Provider]
+ [default\Software\Microsoft\Windows\CurrentVersion\Explorer\{35106240-D2F0-DB35-716E-127EB80A0299}]
+ [default\Software\Microsoft\Windows\CurrentVersion\Explorer\{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6}]
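[NTUSER]
+ [NTUSER\Software\Microsoft\Windows\CurrentVersion\Explorer\PostBootReminders\Microsoft.FixScreenResolution]
+ [NTUSER\Software\Microsoft\Windows\CurrentVersion\Explorer\PostBootReminders]

Note: hive names are shown in brackets, and lines starting with "+" are keys added under the preceding hive. S-1-5-18 in the DEFAULT hive entries is the LocalSystem account SID. The PostBootReminders keys are likely created by Explorer itself on a fresh profile, so treat them as probable sandbox background rather than sample-specific indicators.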

#– Malware Traffic – DNS: –

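time.windows.com
windows7-catalog.cn

Note: time.windows.com is the default Windows time-synchronisation host and is expected background traffic from the analysis machine. Only windows7-catalog.cn is specific to this sample.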

#– Malware Traffic – www: –

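windows7-catalog.cn /zs/cfg.bin

Note: the entry is the requested host followed by the request path. The host is the same one resolved in the DNS section, so proxy or web-gateway logs can be searched on the host and path together.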

#– Screenshots: –
