需要修復電腦?
聘請專家
Virus:TR/Spy.Bebloh.EB.94
Date discovered:30/01/2013
Type:Trojan
In the wild:Yes
Reported Infections:Medium to high
Distribution Potential:Low
Damage Potential:Low to medium
Static file:Yes
File size:230.904 Bytes
MD5 checksum:E984A9E640593A866542906DE77B03BC
VDF version:7.11.59.52 - Wednesday, January 30, 2013
IVDF version:7.11.59.52 - Wednesday, January 30, 2013

 General Method of propagation:
   • No own spreading routine


Aliases:
   •  Kaspersky: Trojan.Win32.Bublik.acwh
   •  Sophos: Mal/EncPk-MP
     Avast: Win32:Crypt-OVP
     Microsoft: Trojan:Win32/Bublik.B
   •  Panda: Trj/OCJ.C
   •  Eset: Win32/Spy.Bebloh.J
     DrWeb: BackDoor.Bebloh.21
     Fortinet: W32/Zbot.DHN!tr


Platforms / OS:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7


Side effects:
   • Drops a malicious file
   • Registry modification
   • Steals information

 Files It copies itself to the following location:
   • %SYSDIR%\%random%.exe

 Registry The following registry key is added:

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\
   Image File Execution Options\userinit.exe]
   • "Debugger"="%random%.exe"

 Miscellaneous Accesses internet resources:
   • gel**********om/f/t.php

說明撰寫者 Eric Burk 開啟 2013年2月1日星期五
說明更新者 Eric Burk 開啟 2013年2月1日星期五

返回 . . . .
https:// 為了你的安全,此視窗已加密。