| Malware name | Trojan.Dropper.Dldr.Agent.asyh.1 |
| Type | Trojan |
| Affected platform | Win32 |
| Media-Type | application/rar |
| MD5 checksum | 75EF772716D920456BAB8AF3B5DC7A4B |
| Static file | yes |
| Filesize | 243,811 Bytes |

Alias names (also known as)
| Sophos | Mal/EncPk-GY |
| McAfee | Vundo |
| CA ETrust | Win32/SillyDl.GFU |

Protection
| Webwasher Anti Malware | 7001.1022.x |

Side effects
- Drops a file
- Drops malicious files

| Propagation | No own spreading routine |

Description:
Files
The following files are created:
– %malware execution directory%\readme.bat
– %malware execution directory%\setup.exe It is executed after it has been fully created. Further investigation showed that this file is also malware. Detected as: 3550
– %malware execution directory%\readme.exe It is executed after it has been fully created. Further investigation showed that this file is also malware. Detected as: 2350
– %malware execution directory%\serial.exe It is executed after it has been fully created. Further investigation showed that this file is also malware. Detected as: Trojan.Dldr.Small.ahtu
File details
Runtime packer: To make detection more difficult and to reduce the size of the file, it is packed with the following runtime packer:
• RAR SFX