Trojan.Agent
Risk Level 1
 
File Size : 629760 KB
File Type : Portable Executable 32
File Name

Adobe_Flash.exe

MD5

ae6b07e3fce9a63921dafedce8cfb0c6

SHA1

190317c17e83ad8355f971616118f735d3c06a4c

SHA256

fae56fde2adc018e238ceba42363c57a2ecdb013450b871d81

General information:

* File name: C:\Users\cognus\Desktop\Analyzed Viruses\6 June 2016\New folder\Sample\ae6b07e3fce9a63921dafedce8cfb0c6.exe

Changes to registry :

* Creates value "NukeOnDelete=00000001" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Explorer\BitBucket
* Creates value "UseGlobalSettings=00000001" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Explorer\BitBucket
* Creates value "DontShowUI=00000001" in key HKEY_LOCAL_MACHINE\software\microsoft\Windows\Windows Error Reporting
* Creates Registry key HKEY_LOCAL_MACHINE\software\microsoft\Windows\Windows Error Reporting\LocalDumps
* Modifies value "NukeOnDelete=00000001" in key HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Explorer\BitBucket\Volume\{c9d04f3b-1c7e-11e6-979c-806e6f6e6963} (old value empty)
* Creates value "(Default)=31" in key HKEY_CURRENT_USER\software\SandboxAutoExec
* Creates value "SandboxieRpcSs.exe=Sandboxie COM Services (RPC)" in key HKEY_CURRENT_USER\software\classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Program Files\Sandboxie
binary data=530061006E00640062006F00780069006500200043004F004D002000530065007200760069006300650073002000280052005000430029000000

Changes to filesystem:

* No changes

Network services:

* No changes

Process/window/string information:

* Gets system default language ID.
* Gets input locale identifiers.
* Checks for debuggers.
* Creates a mutex "lklk456549889780450".

Additional Information:

How To Remove Adobe_Flash.exe

1. Download Sniper Antivirus.
2. Install the exe file on your system.
3. Run a full scan of your computer or of the folder where Adobe_Flash.exe is located.
4. Once the scan is finished, you'll get the message "scan is complete". Click the OK button to get the results.
5. Then delete the threat from the table.
