Need help? Ask the community or hire an expert.
Go to Avira Answers
Virus:TR/Obfuscate.XY.536
Date discovered:23/05/2012
Type:Trojan
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
File size:552.960 Bytes
MD5 checksum:75791c664d816c00e78c408b810F22f7
VDF version:7.11.30.202 - Wednesday, May 23, 2012
IVDF version:7.11.30.202 - Wednesday, May 23, 2012

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Mcafee: Generic.grp!hh
   •  Bitdefender: Trojan.Generic.KDV.567624
     GData: Trojan.Generic.KDV.567624
     Norman: Trojan W32/Troj_Generic.APLTR


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

 Miscellaneous Accesses internet resources:
   • http://www.**********esperu.webs.com/rotadores/**********or1.txt
   • http://www.**********esperu.webs.com/rotadores/**********or2.txt
   • http://www.**********esperu.webs.com/rotadores/**********or3.txt
   • http://www.**********esperu.webs.com/rotadores/**********or4.txt
   • http://www.**********chaos.com/tutoriai.html
   • http://ads.**********wtion.com/**********.js?s=2730485&z=728x90
   • http://b.**********search.com/p?c1=8&c2=7936279&c3=0&cv=2.0&cj=1
   • http://pixel.**********serve.com/pixel/p-70x45KyHA6cIs.gif?media=ad


Event handler:
It creates the following Event handlers:
   • getprotobyname
   • TWorkEndEvent
   • AWorkCountMax
   • WSACloseEvent
   • getservbyname
   • gethostbyname
   • gethostbyaddr
   • HELO


String:
Furthermore it contains the following strings:
   • HTTP/1.0 200 OK
   • URL OleVariant

Description inserted by Wensin Lee on Tuesday, June 5, 2012
Description updated by Wensin Lee on Tuesday, June 5, 2012

Back . . . .