Date discovered: 24/08/2013
In the wild: No
Reported Infections: Medium
Distribution Potential: Low to medium
Damage Potential: Low to medium
Static file: Yes
File size: 117.032 Bytes
MD5 checksum: 122BB892BEAFE9FDDAD9E9397474380B
VDF version:
IVDF version:

General
Method of propagation:
   • No own spreading routine

   •  McAfee: Artemis!122BB892BEAF
   •  Sophos: Troj/Agent-ADGV
   •  Avast: Win32:Injector-BJP [Trj]
   •  AVG: Win32/Cryptor
   •  Grisoft: Win32/Cryptor
   •  Eset: Win32/PSW.Fareit.A
   •  AhnLab: Trojan/Win32.Inject
   •  DrWeb: Trojan.PWS.Stealer.1932

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7

Side effects:
   • Drops a malicious file
   • Registry modification
   • Steals information
   • Pricetrap function - user is fooled into making a costly subscription

Right after execution the following information is displayed:

Registry
The following registry key is added:

– [HKCU\Software\WinRAR]
   New value:
   • "HWID"=%hex values%

File details
Programming language:
The malware program was written in MS Visual C++.

Runtime packer:
To hinder detection and reduce the size of the file, it is packed with the following runtime packer:
   • UPX V2.00-V2.90

Compilation date:
Date: 23/08/2013

Description inserted by Alexander Bauer on Sunday, 25 August 2013
Description updated by Alexander Bauer on Sunday, 25 August 2013
