25.05.2012, 05:32
Malware info:
SHA256: 1268a7f078fec8c340b379396ce625dd8672e74f21ac7af0751d1dfcdae22c68
SHA1: b9d1e0a11b95ee8d4f4a6d320e148af1d7f85c95
MD5: 8025b55b4ebf5dd760b51ebb0e1681fa
File size: 67.5 KB ( 69120 bytes )
VT info (25/42):
Changes in the system:
SHA256: 1268a7f078fec8c340b379396ce625dd8672e74f21ac7af0751d1dfcdae22c68
SHA1: b9d1e0a11b95ee8d4f4a6d320e148af1d7f85c95
MD5: 8025b55b4ebf5dd760b51ebb0e1681fa
File size: 67.5 KB ( 69120 bytes )
VT info (25/42):
[Aby zobaczyć linki, zarejestruj się tutaj]
Changes in the system:
- Registry Key:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\run\bs_stealth: "%Appdata%\After.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\bs_stealth: "%Appdata%\After.exe"
Files:
%Appdata%\ After.exe
%Appdata%\bs_log.dat
Treść widoczna jedynie dla zarejestrowanych użytkowników