Home > malware > Malware Report: a664aab0b9e3b12691f827957e7bf35936f281cf

Malware Report: a664aab0b9e3b12691f827957e7bf35936f281cf

November 11th, 2009 xandora Leave a comment Go to comments

File SHA1: a664aab0b9e3b12691f827957e7bf35936f281cf
File MD5 : e9d6081adb2b5146bec3e5cc5516414d
File Type: PE32 executable for MS Windows (GUI) Intel 80386 32-bit
Date: Wed Nov 11 05:48:32 MYT 2009
Possible Malware: YES

#– Files Created: –

/Documents and Settings/Administrator/Local Settings/Temp/ebv2.tmp.exe
/Documents and Settings/Administrator/Local Settings/Temp/tkm1.tmp.exe
/WINDOWS/0w9r56d6z.cpl
/WINDOWS/10429tzo9554.exe
/WINDOWS/104955ozm3ac.dll
/WINDOWS/10551sz92b9.cpl
/WINDOWS/10589spy3d9z.bin
/WINDOWS/1058sp9z5ot52c.ocx
/WINDOWS/10867z9oj158.ocx
/WINDOWS/10z925irus152.dll
/WINDOWS/11309h5ckzool64e.exe
/WINDOWS/11428s9z4de5.dll
/WINDOWS/1199s5eaz221.dll
/WINDOWS/11z19no9-a-vir5s473.exe
/WINDOWS/12097vzrus529.exe
/WINDOWS/12117wo5z1369.ocx
/WINDOWS/122965ot-z-9irus557.dll
/WINDOWS/12520zroj39c.dll
/WINDOWS/12958virzs29d.bin
/WINDOWS/130z0spambo529b.dll
/WINDOWS/13192notza-5irus8c.exe
/WINDOWS/13394vir5z7cb9.bin
/WINDOWS/1365spazse52999.dll
/WINDOWS/138519iz5s763.dll
/WINDOWS/13893s5yz92.exe
/WINDOWS/13955nzt-a-vir9s11d.cpl
/WINDOWS/139779acktool9z5.ocx
/WINDOWS/13z13viru9522.dll
/WINDOWS/1414tzr9at114945.exe
/WINDOWS/14289zorm53d.ocx
/WINDOWS/14808virzs9cd5.ocx
/WINDOWS/1481z5acktool7ca9.dll
/WINDOWS/15107z9rm7.ocx
/WINDOWS/1525pyzare2289.ocx
/WINDOWS/15506not9a-virus3bz.bin
/WINDOWS/15899trzj4e6.dll
/WINDOWS/158ha5k9ooz29c.ocx
/WINDOWS/1592steal35z9.exe
/WINDOWS/1595wormzd1.ocx
/WINDOWS/15z41spy6d39.bin
/WINDOWS/16055pars91088z.exe
/WINDOWS/16359zpa5bot568.cpl
/WINDOWS/1670zddware19215.bin
/WINDOWS/167zbackdoor5459.exe
/WINDOWS/16z0wo5m5eb9.bin
/WINDOWS/16z8st59l149.dll
/WINDOWS/17779wo5m597z.bin
/WINDOWS/17959vzrusbf5.bin
/WINDOWS/17c9vir559z.dll
/WINDOWS/184085r9j5z5.bin
/WINDOWS/18bzdo5nloader898.exe
/WINDOWS/1932759zj49a.exe
/WINDOWS/193z5ir411.dll
/WINDOWS/1955h5cktool275z.bin
/WINDOWS/1958hac9zool5a1.cpl
/WINDOWS/195z195oj215.ocx
/WINDOWS/19b1backdzor545.dll
/WINDOWS/19z82w5rmcc.cpl
/WINDOWS/19z99tr5j5ed.bin
/WINDOWS/1a2dspaz95638.cpl
/WINDOWS/1aafsp9rse1z025.cpl
/WINDOWS/1b23th5ez3957.cpl
/WINDOWS/1b3d5z9110.ocx
/WINDOWS/1b825pyw9re3z83.dll
/WINDOWS/1bacba5kzo9r127.exe
/WINDOWS/1edd9zarse2519.cpl
/WINDOWS/1f5cad5ware1z98.exe
/WINDOWS/1z802not5a-9irus4b4.ocx
/WINDOWS/1z977v9rus2f5.exe
/WINDOWS/207059ot-5-zirus50c.cpl
/WINDOWS/20z955orm32b9.cpl
/WINDOWS/2120tro95az.dll
/WINDOWS/21254ha9ktoo55az.cpl
/WINDOWS/2194w9zm59b.ocx
/WINDOWS/21997hackt9olz54.exe
/WINDOWS/222895ir9z433.ocx
/WINDOWS/22719hacktooz5b89.dll
/WINDOWS/2284z5ot-9-virus71b.dll
/WINDOWS/22908no9-azvirus72a5.bin
/WINDOWS/22dfthzef93985.ocx
/WINDOWS/23930t9oj5z7.exe
/WINDOWS/239z25pambot677.ocx
/WINDOWS/24040hac5tool6b9z.bin
/WINDOWS/2459zpambot584.exe
/WINDOWS/2497759tza-virus311.exe
/WINDOWS/2499zac5door1576.ocx
/WINDOWS/25034zi9us226.bin
/WINDOWS/2509backdozr412.ocx
/WINDOWS/2521spy9za.ocx
/WINDOWS/25292troj20dz.bin
/WINDOWS/253295orm519z.ocx
/WINDOWS/2548zvir9s58.dll
/WINDOWS/25518nzt9a-virus401.bin
/WINDOWS/255695acktool57fz.bin
/WINDOWS/25619troj7fz.exe
/WINDOWS/25692s9ambot37z.dll
/WINDOWS/259c5zeal8.exe
/WINDOWS/25f9spywa9e29z1.ocx
/WINDOWS/25z38v9rusb7.exe
/WINDOWS/25z485orm936.cpl
/WINDOWS/25z58hacktoo97cc.dll
/WINDOWS/25z5thie9745.exe
/WINDOWS/2655zwor55f99.exe
/WINDOWS/26953h5cktool27z.exe
/WINDOWS/26aa9ownloa5er1z22.cpl
/WINDOWS/26d9zhreat14095.cpl
/WINDOWS/27195hackzool39d.bin
/WINDOWS/2739z5t-a-viru99a.dll
/WINDOWS/27534not-a-9irus675z.exe
/WINDOWS/27545hack9ool73az.exe
/WINDOWS/27712n59-a-vzrusd3.cpl
/WINDOWS/2774zs5y3349.ocx
/WINDOWS/27825zpy99.ocx
/WINDOWS/2797zow5loader1278.bin
/WINDOWS/27b49irz6695.cpl
/WINDOWS/28398hzckt9ol150.cpl
/WINDOWS/285275oz-a-vi9us67.dll
/WINDOWS/2883szars58069.ocx
/WINDOWS/2907thre5t23673z.dll
/WINDOWS/29159wozm5d6.ocx
/WINDOWS/29275hacktoolz39.cpl
/WINDOWS/29541troj75z.exe
/WINDOWS/29905zo5mef9.exe
/WINDOWS/29995zpy4a5.ocx
/WINDOWS/29a9threat5826z.dll
/WINDOWS/29z339orm65f.cpl
/WINDOWS/2c34spy9zre574.dll
/WINDOWS/2cc9zo5nloader414.dll
/WINDOWS/2fbd9ac5zoor1541.bin
/WINDOWS/2z0cthi5f1913.dll
/WINDOWS/2z701w9r5267.dll
/WINDOWS/2z98sp5rse1370.cpl
/WINDOWS/2zdc95r1631.dll
/WINDOWS/30411spambz5590.ocx
/WINDOWS/30599tzojdc.exe
/WINDOWS/309eba95dooz1623.exe
/WINDOWS/30z90troj1ab5.ocx
/WINDOWS/3152zvirus999.bin
/WINDOWS/31594hackzool92.ocx
/WINDOWS/320449zy15.ocx
/WINDOWS/325threzt255049.ocx
/WINDOWS/335zbackdoor21889.exe
/WINDOWS/352aaddwarz9197.cpl
/WINDOWS/352bzpy9are951.dll
/WINDOWS/35729roza.ocx
/WINDOWS/35sp9ware133z.ocx
/WINDOWS/3776spzrs9856.bin
/WINDOWS/38155ownl9ader2084z.bin
/WINDOWS/3912spzmb5t4c5.ocx
/WINDOWS/3936vzr515.bin
/WINDOWS/3983sparze5600.dll
/WINDOWS/39842n5t-a-virus63z.cpl
/WINDOWS/3c49thief505z.dll
/WINDOWS/3dz1spywa5e209.cpl
/WINDOWS/3e9thzef958.bin
/WINDOWS/3z13wor5196.bin
/WINDOWS/3z145teal9020.dll
/WINDOWS/3z18spambot2559.cpl
/WINDOWS/3z461spambo96345.ocx
/WINDOWS/3z5daddwa9e9975.exe
/WINDOWS/3z859spyf65.exe
/WINDOWS/4009spamboz9ae5.ocx
/WINDOWS/4096troz595.cpl
/WINDOWS/40995irz002.ocx
/WINDOWS/411edown9oa5er2z66.ocx
/WINDOWS/41679h5efz876.bin
/WINDOWS/42d9stz5l1277.exe
/WINDOWS/43755i9z221.cpl
/WINDOWS/4391back5oorz090.bin
/WINDOWS/43c195dware2701z.dll
/WINDOWS/4497ste5z545.exe
/WINDOWS/44zds9arse5933.bin
/WINDOWS/4514backdoo91811z.bin
/WINDOWS/45579ackdzor4915.exe
/WINDOWS/45675zreat13959.ocx
/WINDOWS/456dzwnloade9213.exe
/WINDOWS/46cezd95are1633.bin
/WINDOWS/4895downloadez2699.exe
/WINDOWS/490zspars5399.exe
/WINDOWS/4957spywarez267.cpl
/WINDOWS/49bcthreat2590z5.dll
/WINDOWS/49ccst5zl2643.exe
/WINDOWS/49d5backdoor2z2.exe
/WINDOWS/49z3sparse3195.ocx
/WINDOWS/4a45addw9re23z0.exe
/WINDOWS/4c20threzt50597.ocx
/WINDOWS/4d7ethi9z2659.cpl
/WINDOWS/4d9cst5al9z1.bin
/WINDOWS/4f85szarse958.cpl
/WINDOWS/4z755orm56d9.dll
/WINDOWS/4z91spywa5e3259.exe
/WINDOWS/4z9evir555.dll
/WINDOWS/5050zi5us2cf9.cpl
/WINDOWS/507569orm7z9.cpl
/WINDOWS/50a9addzare2740.dll
/WINDOWS/50z7s9a5se1429.cpl
/WINDOWS/517299pz5db.dll
/WINDOWS/52120spy5ze9.ocx
/WINDOWS/52e9thrzat9242.cpl
/WINDOWS/52z5s9y16c.bin
/WINDOWS/53bzs9a5se3227.dll
/WINDOWS/53z89hacktool595.cpl
/WINDOWS/545cthie93z93.ocx
/WINDOWS/54abdow9load5r104z.ocx
/WINDOWS/54c4zh9eat31662.dll
/WINDOWS/54d5steal497z.ocx
/WINDOWS/551z7spa9bot373.exe
/WINDOWS/5522stzal3209.cpl
/WINDOWS/55394hack9ozl409.dll
/WINDOWS/5571threat297z5.dll
/WINDOWS/559bdo9nl5adez2889.exe
/WINDOWS/55a0st9zl20775.dll
/WINDOWS/55z4sp999.dll
/WINDOWS/5636thr95t2z529.cpl
/WINDOWS/567c9ir1z155.ocx
/WINDOWS/567dback59zr2480.dll
/WINDOWS/56905zambot6ae.cpl
/WINDOWS/571daz5ware2914.cpl
/WINDOWS/5747ziru92cd.dll
/WINDOWS/5822dow9zoader5844.dll
/WINDOWS/587csp5z9e1512.bin
/WINDOWS/5898zhacktool589.cpl
/WINDOWS/58a2vzr9029.ocx
/WINDOWS/58c05py9are3269z.exe
/WINDOWS/59033spambzt9f5.dll
/WINDOWS/5941spy6fz.bin
/WINDOWS/5941zworm151.exe
/WINDOWS/5959h9cktooz4e7.exe
/WINDOWS/5959tzie9625.cpl
/WINDOWS/5972b9ckdoorz58.bin
/WINDOWS/5990s9yz5e.dll
/WINDOWS/59965hreaz15090.exe
/WINDOWS/5996zpa9se2597.ocx
/WINDOWS/59cathiez2325.cpl
/WINDOWS/59z6sp95are906.exe
/WINDOWS/59zathreat931075.exe
/WINDOWS/5ad5v9r311z.dll
/WINDOWS/5ae7thzea996925.exe
/WINDOWS/5aefadd9are289z.exe
/WINDOWS/5b0bs9eal1z75.bin
/WINDOWS/5b38v5r3z39.dll
/WINDOWS/5b9z5ir963.cpl
/WINDOWS/5d35zh9ef1634.bin
/WINDOWS/5e68zir549.exe
/WINDOWS/5f71spzrse9654.bin
/WINDOWS/5z195ddware463.ocx
/WINDOWS/5z3dv5r13869.dll
/WINDOWS/5z54steal5729.bin
/WINDOWS/5z79spyware26525.bin
/WINDOWS/5z905irus1f9.bin
/WINDOWS/5z936spambot395.exe
/WINDOWS/5za09te5l2060.bin
/WINDOWS/5zd3s5yw9re1697.ocx
/WINDOWS/64b1bac5door10z89.bin
/WINDOWS/64z9t9oj1a5.ocx
/WINDOWS/6589zddwar51018.exe
/WINDOWS/65959zr286.exe
/WINDOWS/65b8backdoo91350z.ocx
/WINDOWS/6653b5ck9oor16z7.cpl
/WINDOWS/67ff95ckdozr1366.cpl
/WINDOWS/68d3s9ealz52.exe
/WINDOWS/6947ha5kto9l2z7.cpl
/WINDOWS/6c9cthzef2250.cpl
/WINDOWS/6c9zdow5loader2152.dll
/WINDOWS/6cd8sp9wa5ez233.ocx
/WINDOWS/6cz0back9oor1485.cpl
/WINDOWS/6d99tz5eat127409.exe
/WINDOWS/6d9z5ackdoor2172.dll
/WINDOWS/6dcczhie52539.cpl
/WINDOWS/6z2backdo9r25595.ocx
/WINDOWS/6zf0addware953.dll
/WINDOWS/7037tzie93095.dll
/WINDOWS/7155zr9j42b.cpl
/WINDOWS/7292ad5ware2z75.ocx
/WINDOWS/733z9pambo547a.cpl
/WINDOWS/74abstezl9951.bin
/WINDOWS/74z959reat27870.ocx
/WINDOWS/750e9pywaze836.ocx
/WINDOWS/7511d5w9zoader2471.ocx
/WINDOWS/7524spywa9ez759.ocx
/WINDOWS/753vir9sz07.dll
/WINDOWS/75aath9ez2865.ocx
/WINDOWS/75d39zr598.dll
/WINDOWS/76z9not-a-vi5us7a4.bin
/WINDOWS/7751add9zre772.bin
/WINDOWS/77za5ddwa9e344.dll
/WINDOWS/7873tro539z.dll
/WINDOWS/78c2v5z15759.cpl
/WINDOWS/79c4zpyware752.dll
/WINDOWS/7a39sparsez959.ocx
/WINDOWS/7a97ba5kdoor2z77.cpl
/WINDOWS/7adf5ir29z09.exe
/WINDOWS/7bdf9zyware20745.bin
/WINDOWS/7ccct95eaz18864.dll
/WINDOWS/7e50v5z2559.cpl
/WINDOWS/7f51bac9door27z4.dll
/WINDOWS/8950hacktozl10b.exe
/WINDOWS/90623spambot1z85.cpl
/WINDOWS/912zth5ef2159.exe
/WINDOWS/920bac5doorz3299.bin
/WINDOWS/92589wozm757.bin
/WINDOWS/93462s5y1b6z.exe
/WINDOWS/93b2tz5eat25336.ocx
/WINDOWS/941w9zm15e.ocx
/WINDOWS/9501troz56c.ocx
/WINDOWS/951zhief974.ocx
/WINDOWS/95534wormzc9.bin
/WINDOWS/955spazse131.cpl
/WINDOWS/9571ha9ktzol3605.dll
/WINDOWS/9585zirus198.ocx
/WINDOWS/9596wz5m1f8.dll
/WINDOWS/95b3thiefz654.cpl
/WINDOWS/95z40worm654.dll
/WINDOWS/95z7spy9d4.exe
/WINDOWS/960th5eaz12650.dll
/WINDOWS/96465tzoje5.ocx
/WINDOWS/96cc5ddware2822z.ocx
/WINDOWS/970zs9y1a5.dll
/WINDOWS/97820vi5us716z.cpl
/WINDOWS/9803noz-a-virus599.bin
/WINDOWS/98562tz5j7d5.exe
/WINDOWS/9889th5zat16226.dll
/WINDOWS/99011sza5bot652.cpl
/WINDOWS/9972not-azv5rus65b.bin
/WINDOWS/99ccdownzoa5er15.ocx
/WINDOWS/99ezvi5244.bin
/WINDOWS/9a5cthizf2505.exe
/WINDOWS/9b59ckzoor3184.dll
/WINDOWS/9bz1vir26475.ocx
/WINDOWS/9d20bzckdoor2552.exe
/WINDOWS/9d52s5arse3z5.exe
/WINDOWS/9d5pywarz1549.bin
/WINDOWS/9e8sp5warez599.exe
/WINDOWS/9ff1backzoor5114.exe
/WINDOWS/9z05worm6f.cpl
/WINDOWS/9zd2spars52991.dll
/WINDOWS/Prefetch/EBV2.TMP.EXE-1DD71684.pf
/WINDOWS/Prefetch/TKM1.TMP.EXE-30427E96.pf
/WINDOWS/a51back95or1z13.bin
/WINDOWS/ad3s5yz9re318.bin
/WINDOWS/b1sp9war53z76.exe
/WINDOWS/b5cdow9z5ader2691.exe
/WINDOWS/c64bac95ozr2025.bin
/WINDOWS/cz6vi99065.ocx
/WINDOWS/d07tz9e53084.exe
/WINDOWS/d41dowzloader956.cpl
/WINDOWS/ddfzp5wa9e279.dll
/WINDOWS/e81v5943z.bin
/WINDOWS/ee9downlo5dez2845.bin
/WINDOWS/f95ownloa9er2325z.dll
/WINDOWS/system32/10883spamb59z91.cpl
/WINDOWS/system32/1096zspy525.ocx
/WINDOWS/system32/10z759py752.dll
/WINDOWS/system32/1108s9a5bzt745.dll
/WINDOWS/system32/11369szy75e5.exe
/WINDOWS/system32/11688w9r52e6z.bin
/WINDOWS/system32/1195ba5kdzor409.bin
/WINDOWS/system32/12274not-5-vi9uz1e1.dll
/WINDOWS/system32/122fztea5549.bin
/WINDOWS/system32/12339spamb9z625.bin
/WINDOWS/system32/12808h5ckt9zl531.dll
/WINDOWS/system32/1293worz257.bin
/WINDOWS/system32/129z6tr9j3b5.ocx
/WINDOWS/system32/13145worm9z9.exe
/WINDOWS/system32/13366n9t-a-virz5b7.cpl
/WINDOWS/system32/13402haz9tool527.cpl
/WINDOWS/system32/13689spambo955z.bin
/WINDOWS/system32/138965rojzf6.bin
/WINDOWS/system32/14010not-a-v9ruz458.dll
/WINDOWS/system32/1455hacktooz5f9.bin
/WINDOWS/system32/1475z5roj493.cpl
/WINDOWS/system32/14929wz5m27a.bin
/WINDOWS/system32/14z51troj829.dll
/WINDOWS/system32/1511sp9warez917.exe
/WINDOWS/system32/1539backdozr2580.bin
/WINDOWS/system32/153zvirus9f.ocx
/WINDOWS/system32/154899pyz54.dll
/WINDOWS/system32/154fthz9at3177.dll
/WINDOWS/system32/15642hacz9o5l2bd.cpl
/WINDOWS/system32/15975virus574z.bin
/WINDOWS/system32/159evir2906z.ocx
/WINDOWS/system32/16217zo9-a-vi5us4bd.ocx
/WINDOWS/system32/16319spy5bz.bin
/WINDOWS/system32/16957sza9bot5e1.cpl
/WINDOWS/system32/16eb9te5z2624.bin
/WINDOWS/system32/16z56wor95b9.dll
/WINDOWS/system32/1775095rus47z.bin
/WINDOWS/system32/18897hackzool65f.cpl
/WINDOWS/system32/188z9v9rus46b5.exe
/WINDOWS/system32/18911spamboz54b9.cpl
/WINDOWS/system32/189z05pa9bot244.exe
/WINDOWS/system32/1903znot-5-viru91a3.ocx
/WINDOWS/system32/190ca5dwz9e1200.dll
/WINDOWS/system32/195175rojzae.ocx
/WINDOWS/system32/195v5r2z65.exe
/WINDOWS/system32/19954h9z5tool254.dll
/WINDOWS/system32/19962zpam9o51d9.ocx
/WINDOWS/system32/19972sz55.ocx
/WINDOWS/system32/1a76dow5loazer9582.exe
/WINDOWS/system32/1az2downloa9e5595.bin
/WINDOWS/system32/1bz0d9wnloade5646.cpl
/WINDOWS/system32/1bz0vir950.dll
/WINDOWS/system32/1c5zthr9at1935.exe
/WINDOWS/system32/1d4fvir595z.bin
/WINDOWS/system32/1f55thizf1679.cpl
/WINDOWS/system32/1z25vir9153.ocx
/WINDOWS/system32/1z45595rus779.cpl
/WINDOWS/system32/1z594worm519.cpl
/WINDOWS/system32/1z69v951410.ocx
/WINDOWS/system32/1z986not-a-vi5us4d99.bin
/WINDOWS/system32/2003not-a9vir5z6f9.exe
/WINDOWS/system32/2031t9zj35c.bin
/WINDOWS/system32/215bad95arz3215.ocx
/WINDOWS/system32/21856viruz93.exe
/WINDOWS/system32/21866nz9-a-virus156.exe
/WINDOWS/system32/21z81tro933f5.bin
/WINDOWS/system32/2227d9wnloaderz568.ocx
/WINDOWS/system32/23397trz9455.dll
/WINDOWS/system32/23587virusz9.dll
/WINDOWS/system32/23590troj5z.cpl
/WINDOWS/system32/23790troj5z0.cpl
/WINDOWS/system32/23951h5cktz9l399.bin
/WINDOWS/system32/2395zhackt59l40a.dll
/WINDOWS/system32/23bzthief2159.bin
/WINDOWS/system32/23z4spa5b9t3b9.ocx
/WINDOWS/system32/24139zr95761.cpl
/WINDOWS/system32/24605s9amzot5.dll
/WINDOWS/system32/24919hacztool559.ocx
/WINDOWS/system32/2502zhacktoo960f.exe
/WINDOWS/system32/25095spambot2z.cpl
/WINDOWS/system32/25129sza95ot5.dll
/WINDOWS/system32/25197worz5f9.ocx
/WINDOWS/system32/25215spamz59601.cpl
/WINDOWS/system32/25298szy289.cpl
/WINDOWS/system32/2553steal30z49.exe
/WINDOWS/system32/258965zr9699.dll
/WINDOWS/system32/263995zrm707.dll
/WINDOWS/system32/26846not-a-9izus7f85.exe
/WINDOWS/system32/26872spzm5ot29d.cpl
/WINDOWS/system32/2731zspy592.cpl
/WINDOWS/system32/27529zot-a-virus7509.cpl
/WINDOWS/system32/27599troz94.dll
/WINDOWS/system32/27712w95m8fz.dll
/WINDOWS/system32/27852tzoj9b5.cpl
/WINDOWS/system32/27873not-a-5irusz499.dll
/WINDOWS/system32/27975ackdoor29z5.dll
/WINDOWS/system32/28051zirus9e75.bin
/WINDOWS/system32/28357spambot5f9z.cpl
/WINDOWS/system32/28370ha5kto9z28e.dll
/WINDOWS/system32/290315rojz09.cpl
/WINDOWS/system32/2933zspamb5ta9.cpl
/WINDOWS/system32/29455wo5z448.bin
/WINDOWS/system32/29455wormf1z.exe
/WINDOWS/system32/298575pyz1c9.dll
/WINDOWS/system32/29b9threat1605z5.bin
/WINDOWS/system32/29ccbz5kdoor1571.dll
/WINDOWS/system32/29viz65.exe
/WINDOWS/system32/29z60not-a-virus513.cpl
/WINDOWS/system32/2a47ad9wa5z948.cpl
/WINDOWS/system32/2a829hrzat8650.ocx
/WINDOWS/system32/2b9fz9r995.bin
/WINDOWS/system32/2c6fs5eaz23069.bin
/WINDOWS/system32/2z295virus6889.dll
/WINDOWS/system32/2z425teal698.dll
/WINDOWS/system32/2z728wo5m693.dll
/WINDOWS/system32/2zbesteal5849.bin
/WINDOWS/system32/2zeeba9kdo5r2705.cpl
/WINDOWS/system32/30595worz60e.bin
/WINDOWS/system32/308ftz5ea916094.dll
/WINDOWS/system32/30f9zi513689.bin
/WINDOWS/system32/31029vzrus259.exe
/WINDOWS/system32/3145zwor5d9.cpl
/WINDOWS/system32/31843worz2895.ocx
/WINDOWS/system32/31950spamb9t5z5.exe
/WINDOWS/system32/32259hackz5ol32f.exe
/WINDOWS/system32/32273n5t-9-virzs1ea.dll
/WINDOWS/system32/32345trojzbb9.ocx
/WINDOWS/system32/3239zhief1568.bin
/WINDOWS/system32/32582no5-z-vi9us319.exe
/WINDOWS/system32/325z59py5d3.cpl
/WINDOWS/system32/32614tr95149z.exe
/WINDOWS/system32/32e0thre5t9z399.ocx
/WINDOWS/system32/32z5s5y982.cpl
/WINDOWS/system32/3444wozm459.dll
/WINDOWS/system32/3575addwz9e2472.exe
/WINDOWS/system32/3596vir163z.bin
/WINDOWS/system32/35b9spyzar93065.dll
/WINDOWS/system32/35c9downloaderz06.ocx
/WINDOWS/system32/3605s9zware1473.dll
/WINDOWS/system32/3657spyw9rz1016.bin
/WINDOWS/system32/3671no9-a-virus56z.cpl
/WINDOWS/system32/3757tz9ea519931.dll
/WINDOWS/system32/378fzpars96955.exe
/WINDOWS/system32/39944spazbot4c5.exe
/WINDOWS/system32/39a6threat5242z.ocx
/WINDOWS/system32/39z5addware2497.ocx
/WINDOWS/system32/3aa5thzea922723.cpl
/WINDOWS/system32/3b8asp9warz5995.cpl
/WINDOWS/system32/3ca4t5reat9z512.cpl
/WINDOWS/system32/3e09szywa9e751.cpl
/WINDOWS/system32/3e24v9z2355.cpl
/WINDOWS/system32/3e95t5rzat29445.bin
/WINDOWS/system32/3z0479ot-a-virus495.ocx
/WINDOWS/system32/402fspyw5re18z9.dll
/WINDOWS/system32/4043szarse59869.dll
/WINDOWS/system32/413dow9loadez2562.cpl
/WINDOWS/system32/4158thzef1998.cpl
/WINDOWS/system32/41635hrea9z5244.dll
/WINDOWS/system32/41d9ste5l1457z.bin
/WINDOWS/system32/43z59reat32013.ocx
/WINDOWS/system32/443dbzckdoor13495.ocx
/WINDOWS/system32/44z9spy7305.cpl
/WINDOWS/system32/44zcth95f1298.dll
/WINDOWS/system32/4562az5wa9e656.exe
/WINDOWS/system32/456dv9z1739.bin
/WINDOWS/system32/4704zh95f840.bin
/WINDOWS/system32/484zt9ief1935.bin
/WINDOWS/system32/4997vir1z599.ocx
/WINDOWS/system32/4999ba5zdoor1594.dll
/WINDOWS/system32/499dthr5atz2451.exe
/WINDOWS/system32/49e5addware628z.bin
/WINDOWS/system32/4a51spyzar9140.bin
/WINDOWS/system32/4d47zp5rse2169.cpl
/WINDOWS/system32/4z00vi9us75a.ocx
/WINDOWS/system32/4z4espa9se28215.ocx
/WINDOWS/system32/4ze2spa95e476.dll
/WINDOWS/system32/506z6virus309.dll
/WINDOWS/system32/5118wzr96b05.exe
/WINDOWS/system32/5264vzr2992.ocx
/WINDOWS/system32/5357addware26z29.ocx
/WINDOWS/system32/53836hac9tool28z.bin
/WINDOWS/system32/53b9addza5e1579.exe
/WINDOWS/system32/5405thze9t4685.ocx
/WINDOWS/system32/5429thiez879.dll
/WINDOWS/system32/5492addwar5256z.cpl
/WINDOWS/system32/5495pzrse961.dll
/WINDOWS/system32/54ab9ownloaderz556.bin
/WINDOWS/system32/54b1sp5w9re2760z.cpl
/WINDOWS/system32/54z0v5r2957.bin
/WINDOWS/system32/54z1worm980.cpl
/WINDOWS/system32/551z3v9rus168.ocx
/WINDOWS/system32/5550no9-azvirus5ef.ocx
/WINDOWS/system32/555z6hack9ool74c.ocx
/WINDOWS/system32/5564zwor9f5.bin
/WINDOWS/system32/556ddownl9a5er58z.cpl
/WINDOWS/system32/5571zhre9t5593.cpl
/WINDOWS/system32/559dszywa9e947.bin
/WINDOWS/system32/55cdaddz5re2859.cpl
/WINDOWS/system32/55e85ownl9ader26z7.ocx
/WINDOWS/system32/5615backdoor9411z.ocx
/WINDOWS/system32/561f5ir1z9.exe
/WINDOWS/system32/5757zte9l1658.ocx
/WINDOWS/system32/5791vir350z9.exe
/WINDOWS/system32/582f9aczdoor1358.exe
/WINDOWS/system32/5892ztea91262.dll
/WINDOWS/system32/59200spz735.cpl
/WINDOWS/system32/5927spz7ed.exe
/WINDOWS/system32/5955spywa95z700.bin
/WINDOWS/system32/59617szy91c.dll
/WINDOWS/system32/597cv9rz090.ocx
/WINDOWS/system32/5984thiez2862.cpl
/WINDOWS/system32/5991szeal16299.cpl
/WINDOWS/system32/59acadd9zre5639.cpl
/WINDOWS/system32/59azbackd9or171.cpl
/WINDOWS/system32/59zdthief2205.exe
/WINDOWS/system32/5a9zsparse1957.cpl
/WINDOWS/system32/5c0ft9reat11z22.bin
/WINDOWS/system32/5ce5sparz91985.dll
/WINDOWS/system32/5d0vzr593.cpl
/WINDOWS/system32/5d59s5yzare986.bin
/WINDOWS/system32/5d7astza915685.dll
/WINDOWS/system32/5d899ddwzre2983.ocx
/WINDOWS/system32/5d8zth59at15891.bin
/WINDOWS/system32/5ea9threatz7962.exe
/WINDOWS/system32/5f2fadzwa9e5182.ocx
/WINDOWS/system32/5f5c9ir5z9.bin
/WINDOWS/system32/5z0dsp9rse1558.cpl
/WINDOWS/system32/5z409wor97f1.ocx
/WINDOWS/system32/5z5fvir23419.bin
/WINDOWS/system32/5z94spa5bot10d.cpl
/WINDOWS/system32/6149sp9rsz16865.ocx
/WINDOWS/system32/615ztr9j35.ocx
/WINDOWS/system32/6160tz95416.bin
/WINDOWS/system32/619backz5or22049.cpl
/WINDOWS/system32/61z2ba95door871.cpl
/WINDOWS/system32/63szeal539.bin
/WINDOWS/system32/6413backdo5z2979.bin
/WINDOWS/system32/6495w5zmc.dll
/WINDOWS/system32/65059pzware21545.ocx
/WINDOWS/system32/6539zp9r5e3004.ocx
/WINDOWS/system32/6574ba9kdozr1473.cpl
/WINDOWS/system32/6595vizus3ae.exe
/WINDOWS/system32/6749z9r27345.ocx
/WINDOWS/system32/675es5eaz1497.dll
/WINDOWS/system32/681bt5rea918z83.exe
/WINDOWS/system32/691vi9z7395.cpl
/WINDOWS/system32/6959spambz5fb.cpl
/WINDOWS/system32/695ds9azse794.exe
/WINDOWS/system32/6985spzr9e1218.dll
/WINDOWS/system32/699zvir2532.bin
/WINDOWS/system32/69bb5d9ware3228z.exe
/WINDOWS/system32/69dzdownloa5er899.ocx
/WINDOWS/system32/6a1fs5eaz1490.exe
/WINDOWS/system32/6a66downloade5z679.ocx
/WINDOWS/system32/6fb15parze20689.dll
/WINDOWS/system32/6z1cbackdo5r979.dll
/WINDOWS/system32/6z96ad5wa9e250.bin
/WINDOWS/system32/6zbb9ownloader5218.exe
/WINDOWS/system32/704dzte9l5499.dll
/WINDOWS/system32/705bthrea9z115.cpl
/WINDOWS/system32/72z3spam9ot75e.bin
/WINDOWS/system32/73d2sp9rse552z.dll
/WINDOWS/system32/7463t9zef5081.ocx
/WINDOWS/system32/74z05pywar9728.bin
/WINDOWS/system32/7573z9ckdoor3224.dll
/WINDOWS/system32/75779pywzre10135.ocx
/WINDOWS/system32/7641h9cztool50d5.exe
/WINDOWS/system32/76c8stza91758.bin
/WINDOWS/system32/777cbazk9oor5965.exe
/WINDOWS/system32/78eespyw9rez51.exe
/WINDOWS/system32/7927sp5waze2479.dll
/WINDOWS/system32/7949not-a-v5zus32c.dll
/WINDOWS/system32/7951d5wnlo9der313z.exe
/WINDOWS/system32/79dezhr5at6895.bin
/WINDOWS/system32/7a845z9nloader2136.ocx
/WINDOWS/system32/7b57threatz929.bin
/WINDOWS/system32/7b5eszyware21889.bin
/WINDOWS/system32/7b5zst9al3235.dll
/WINDOWS/system32/7ed2z5reat190899.dll
/WINDOWS/system32/7ee5tzrea5792.ocx
/WINDOWS/system32/7f3f5iz1696.exe
/WINDOWS/system32/7z95addware1186.dll
/WINDOWS/system32/8192hzc5tool494.ocx
/WINDOWS/system32/8389hzc5tool329.ocx
/WINDOWS/system32/8892troj9z75.cpl
/WINDOWS/system32/88cszar591855.ocx
/WINDOWS/system32/90592viruz765.dll
/WINDOWS/system32/9120viz3501.exe
/WINDOWS/system32/91280sp5zbot29a.bin
/WINDOWS/system32/9171spyw5rz2804.exe
/WINDOWS/system32/92224viru51z8.bin
/WINDOWS/system32/9229zviru569f.exe
/WINDOWS/system32/92588vzru5459.cpl
/WINDOWS/system32/9275virz925e.ocx
/WINDOWS/system32/9288spy60z5.exe
/WINDOWS/system32/92b6sz5al1913.exe
/WINDOWS/system32/933fzir585.exe
/WINDOWS/system32/943cthief97z5.ocx
/WINDOWS/system32/9455wo9m3fz.cpl
/WINDOWS/system32/951dspywa5e1850z.exe
/WINDOWS/system32/9537zworm5a3.dll
/WINDOWS/system32/9561worm36z9.exe
/WINDOWS/system32/957fvir165z.ocx
/WINDOWS/system32/96341spambot1zf5.exe
/WINDOWS/system32/9635thief213z.dll
/WINDOWS/system32/9665spzmb9t3f.exe
/WINDOWS/system32/96679not-a-vizus759.ocx
/WINDOWS/system32/9678worm42z5.exe
/WINDOWS/system32/986z3t5oje3.cpl
/WINDOWS/system32/9879steaz5080.exe
/WINDOWS/system32/993cbac5dozr768.exe
/WINDOWS/system32/9940trzj9f5.ocx
/WINDOWS/system32/9b56thrzat156.ocx
/WINDOWS/system32/9b5steaz382.bin
/WINDOWS/system32/9z88v5rus21a9.bin
/WINDOWS/system32/9zff5pyware2061.exe
/WINDOWS/system32/a08threat149z5.dll
/WINDOWS/system32/b01spywaze9153.bin
/WINDOWS/system32/dafzhief9529.cpl
/WINDOWS/system32/ebv2.tmp.exe
/WINDOWS/system32/ec2spy5ar91546z.bin
/WINDOWS/system32/z07159irus650.exe
/WINDOWS/system32/z0949h5eat30925.exe
/WINDOWS/system32/z1059worm58.dll
/WINDOWS/system32/z2265ha9ktool6b.exe
/WINDOWS/system32/z245s9yware12845.dll
/WINDOWS/system32/z35c9ddware1965.cpl
/WINDOWS/system32/z3679orm75e.dll
/WINDOWS/system32/z498backdoor55.cpl
/WINDOWS/system32/z512vi9597.exe
/WINDOWS/system32/z5267wo9m5d.bin
/WINDOWS/system32/z52s9y52a.ocx
/WINDOWS/system32/z658st9al1507.dll
/WINDOWS/system32/z7379wor935b.bin
/WINDOWS/system32/z7adt5ief1999.dll
/WINDOWS/system32/z9155roj1669.ocx
/WINDOWS/system32/z9349i5118.bin
/WINDOWS/system32/zb85sparse9291.cpl
/WINDOWS/system32/zc2caddw5re9148.cpl
/WINDOWS/system32/zd9f5hief2921.bin
/WINDOWS/z019troj953.dll
/WINDOWS/z034vi9354.ocx
/WINDOWS/z0694n5t-a-virus441.cpl
/WINDOWS/z17269pambot590.exe
/WINDOWS/z2259hacktool65b9.cpl
/WINDOWS/z2798not-a5viru95f7.ocx
/WINDOWS/z295ir929.exe
/WINDOWS/z355troj79f.cpl
/WINDOWS/z4145wor932b.ocx
/WINDOWS/z50159irus599.bin
/WINDOWS/z5896worm9ca.bin
/WINDOWS/z590st5al189.dll
/WINDOWS/z59d9ir1095.dll
/WINDOWS/z67459rm719.ocx
/WINDOWS/z723bac5door967.bin
/WINDOWS/z751spywar92719.dll
/WINDOWS/z8182n5t-a-viru91e5.exe
/WINDOWS/z8965vir5s194.ocx
/WINDOWS/z8a2vi5931.ocx
/WINDOWS/z9354troj19e.bin
/WINDOWS/z939v5r2859.bin
/WINDOWS/z949worm559.ocx
/WINDOWS/z9968n5t-a-vi9us2bf.ocx
/WINDOWS/zeecbackdoo56109.ocx

#– Registry Created: –

[SOFTWARE]
[SYSTEM]
[SECURITIES]
[DEFAULT]
[NTUSER]

#– System Running Processes: –

command=(sample.exe):pid=(740:896):uid=(0)
command=(svchost.exe):pid=(260:508):uid=(0)
command=(svchost.exe):pid=(260:600):uid=(0)

#– Malware Traffic – DNS: –

www.systemwarrior.com

#– Malware Traffic – Connections: –

212.175.87.195.80

#– Malware Traffic – www: –

www.systemwarrior.com/systemwarrior.php?s=V%2FmBxNTuK8UCamG7fHysh3BbrGJ4%2B%2BOG0u9%2BZmlAcz4%3D
www.systemwarrior.com/systemwarrior.php?p=V%2FmBxNTuK8UCamG7fHysh3BbrGJ4%2B%2BOG0u9%2BZmlAcz4%3D
www.systemwarrior.com/systemwarrior.php?d1=V%2FmBxNTuK8UCamG7fHysh3BbrGJ4%2B%2BOG0u9%2BZmlAcz4%3D

#– Screenshots: –

Screen After 90 Seconds

Categories: malware Tags:
  1. No comments yet.
  1. No trackbacks yet.