Home » Virus List
Trojan.Agent
Risk Level 1
 
File Size : 2214912 KB
File Type : Portable Executable file Win32 EXE
File Name

BaraAsba.exe

MD5

e84cdc6360c569bb6ca2e657ee5bc645

SHA1

2dcf24cec8f90f1d84b5f60e79aceab2393043fa

SHA256

85b48ea87fd40ecd430aba90659936a57ef37b4b89a6fcb8c5

General information:

* File name: C:\Users\vmware\Desktop\report\BaraAsba.exe

Changes to registry :

* Creates value "(Default)=31" in key HKEY_CURRENT_USER\software\SandboxAutoExec
* Creates value "SandboxieRpcSs.exe=Sandboxie COM Services (RPC)" in key HKEY_CURRENT_USER\software\classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Program Files\Sandboxie
binary data=530061006E00640062006F00780069006500200043004F004D002000530065007200760069006300650073002000280052005000430029000000

Changes to filesystem:

* No changes

Network services:

* Queries DNS "safebrowsing.google.com".
* Queries DNS "safebrowsing-cache.google.com".
* Queries DNS "www.gstatic.com".

Process/window/string information:

* Checks for debuggers.
* Creates an event named "Global\CorDBIPCSetupSyncEvent_288".
* Contains string FTP information stealer ("BPFTP")
* Contains string Checked for AVG security software presence ("AVGW")
* Contains string Checked for F-Secure security software presence ("FSAA")

Additional Information:

How To Remove BaraAsba.exe

1.Download Sniper Antivirus
2.Install the exe file on your system.
3.Full Scan your Computer OR Folder where BaraAsba.exe located.
4.Once the scan is finished, you’ll get the message “scan is complete”.
Click OK button to get the results.
5.Then Delete the threat from table.

Top