TR/Symmi.21593.3
Date discovered: 30/05/2013
Type: Trojan
In the wild: No
Reported infections: Low
Distribution potential: Low
Damage potential: Low
File size: 281600 bytes
VDF version: 7.11.81.218 - Thursday, May 30, 2013
MD5 checksum: 52ff0d49787e9732bc60ef400eef8732
File details
Programming language: MS Visual C++.
Propagation method:
• No own spreading routine
Detection by other antivirus products:
• Mcafee: PWS-Zbot.dx
• Kaspersky: Trojan-Spy.Win32.Zbot.lwhq
• Bitdefender: Trojan.GenericKD.1014858
• VirusBuster: TrojanSpy.Zbot!8nPClXNj/1M
• Eset: Win32/Kryptik.BCHP
• Sunbelt: Trojan.Win32.Generic!BT
• GData: Trojan.GenericKD.1014858
Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7
Side effects:
• Drops file
Files
The following file is created:
– C:\TEMP\tmp%eight-digit random character string%.bat It is executed after it has been fully created. This batch file is used to delete a file.
Injection:
One of the following processes:
• wscntfy.exe
• explorer.exe
• ctfmon.exe
• wuauclt.exe
File details
Programming language:
The malware program was written in MS Visual C++.