What is TrustedSource? | Create Account | Login 
Secure Computing Corporation
 
Home  Threats and Trends  Malware Information
TrustedSource™ Query
Enter IP address, domain name or URL to check reputation/traffic patterns:
Search
 

Malware Information

Malware nameWin32.Perlovga.A.1
TypeTrojan
Affected platformWin32
Media-Typeapplication/executable
MD5 checksum46C731D04513A6BB711D9B29C753077C
Static fileyes
Filesize31,236 Bytes
Alias names
(also known as)
Webwasher ProactiveWin32.Malware.gen#FSG
SophosW32/Fujacks-I
McAfeeW32/Fujacks.a
CA ETrustWin32/Emerleox.BO
Protection
Webwasher Anti Malware6034.1181.x
Webwasher ProactiveDatabase Version: 54
PropagationNo own spreading routine

Description:

Files

It copies itself to the following location:
• %WINDIR%\xcopy.exe



It copies the following files:
• C:\host.exe into %WINDIR%\svchost.exe
• C:\autorun.inf into %WINDIR%\autorun.inf




It tries to executes the following file:

– Filename:
• %WINDIR%\svchost.exe

File details

Programming language:
 The malware program was written in MS Visual C++.


Runtime packer:
In order to aggravate detection and reduce size of the file it is packed with a runtime packer.
Secure Computing Corporate Homepage | Contact | Privacy Policy | Disclaimer

Copyright © 2007-2008 Secure Computing Corporation. All Rights Reserved.

THE DATA IS FURNISHED, "AS IS" WITHOUT ANY WARRANTY OF ANY KIND, AND SECURE COMPUTING® HEREBY DISCLAIM ALL WARRANTIES, EXPRESS, IMPLIED OR STATUTORY INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES AS TO NON-INFRINGEMENT, AND IN NO EVENT SHALL SECURE COMPUTING® BE LIABLE FOR COSTS OF PROCURING SUBSTITUTE GOODS. IN NO EVENT WILL SECURE COMPUTING® BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT SECURE COMPUTING® HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.