| Visit ThreatExpert web site | | | Close Report |
[Ikarus]
 | File System Modifications |
| # | Filename(s) | File Size | File Hash | Alias |
| 1 | c:\ProgramData\ift.txt | 12 bytes | MD5: 0xCF31F837801A7EF7A2D9FCD47D619105 SHA-1: 0x1A156CA30419D61D220F53D7E0C946B80614CDD3 |
(not available) |
| 2 | c:\ProgramData\Project3.bat | 30 bytes | MD5: 0xE30277AEE3F7CD9226A8986583D7E827 SHA-1: 0xA615B29F99DFD6DAD9B0E12C531D5BC8E6AFDF26 |
(not available) |
| 3 | c:\ProgramData\Project3.cpl | 514,048 bytes | MD5: 0x4A913D350955B4EA24BEFBB47E224322 SHA-1: 0xBDF6453599FB3940764D4BBDBD8497295814B0DB |
TrojanProxy:Win32/Banker.AL [Microsoft] Trojan-Banker.Win32.Banbra [Ikarus] |
| 4 | [file and pathname of the sample #1] | 499,282 bytes | MD5: 0x968459E6CC623453E5F3396C66F039B4 SHA-1: 0xA6D80C84BAE483F237690A1283E1E24883E47CBA |
Trojan-Banker.Win32.Banbra [Ikarus] |
 | Memory Modifications |
| Process Name | Process Filename | Main Module Size |
| [filename of the sample #1] | [file and pathname of the sample #1] | 405,504 bytes |
 | Other details |
 |
Brazil |
| Server Name | Server Port | Connect as User | Connection Password |
| www.facebook.com | 80 | (null) | (null) |
All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.
The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.
Copyright © 2013 ThreatExpert. All rights reserved.