Need help? Ask the community or hire an expert.
Go to Avira Answers
Date discovered:24/04/2012
In the wild:No
Reported Infections:High
Distribution Potential:Low
Damage Potential:Medium
Static file:Yes
File size:135.168 Bytes
MD5 checksum:3CCC73F049A1DE731BAF7EA8915C92A8
VDF version: - Tuesday, April 24, 2012
IVDF version: - Tuesday, April 24, 2012

 General Method of propagation:
   • No own spreading routine

   •  Kaspersky: Trojan-Dropper.Win32.Injector.esjb
     DrWeb: BackDoor.Bebloh.13

Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7

Side effects:
    Can be used to execute malicious code
   • Drops a malicious file
   • Registry modification
   • Steals information

 Files It copies itself to the following location:
   • %SYSDIR%\%random character string%.exe

 Registry The following registry key is added:

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
   Image File Execution Options\userinit.exe]
   • "Debugger"="%random character string%

Açıklamayı yerleştiren Eric Burk tarihinde 24 Nisan 2012 Salı
Açıklamayı güncelleyen: Eric Burk tarihinde 24 Nisan 2012 Salı

Geri . . . .
https:// Bu pencere güvenlik amacıyla şifrelenmiştir.