What is TrustedSource? | Create Account | Login 
Secure Computing Corporation
 
Home  Threats and Trends  Malware Information
TrustedSource™ Query
Enter IP address, domain name or URL to check reputation/traffic patterns:
Search
 

Malware Information

Malware nameTrojan.Dldr.Agent.73728
TypeTrojan
Affected platformWin32
Media-Typeapplication/executable
MD5 checksumCBE0FF45745324FCA399A7CA53820C9F
Static fileno
Filesize73,728 Bytes
Alias names
(also known as)
SophosMal/Behav-063
McAfeeDownloader-BDX
CA ETrustWin32/Livuto!generic
Side effectsDownloads malicious files
PropagationNo own spreading routine

Description:

Files

It tries to download some files:

– The location is the following:
• http://78.157.143.251/hvhakrb/*****.exe
It is saved on the local hard drive under: %tempdir%\vistasp1.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: Trojan.Drop.Agen.130048


– The location is the following:
• http://viacodecright1.com/s1265/*****.exe
It is saved on the local hard drive under: %tempdir%\s1265.php Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: Trojan.Vapsup.kcw


– The location is the following:
• http://193.33.61.169/*****
It is saved on the local hard drive under: %tempdir%\bindsrv2.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: Trojan.Monder.fdd


– The location is the following:
• http://91.203.92.13/files/42/v2test3/*****.exe
It is saved on the local hard drive under: %tempdir%\atmadm2.exe Furthermore this file gets executed after it was fully downloaded. Further investigation pointed out that this file is malware, too. Detected as: Trojan.UPD.61440

Secure Computing Corporate Homepage | Contact | Privacy Policy | Disclaimer

Copyright © 2007-2008 Secure Computing Corporation. All Rights Reserved.

THE DATA IS FURNISHED, "AS IS" WITHOUT ANY WARRANTY OF ANY KIND, AND SECURE COMPUTING® HEREBY DISCLAIM ALL WARRANTIES, EXPRESS, IMPLIED OR STATUTORY INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND ANY WARRANTIES AS TO NON-INFRINGEMENT, AND IN NO EVENT SHALL SECURE COMPUTING® BE LIABLE FOR COSTS OF PROCURING SUBSTITUTE GOODS. IN NO EVENT WILL SECURE COMPUTING® BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT SECURE COMPUTING® HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.