PARA USUARIOS

Mi biblioteca

+ Añadir a la biblioteca

Buscar

Soporte 24 horas | Normas de contactar

Escribir

una solicitud al rellenar un formulario

Llamar

+7 (495) 789-45-86

Foro

Sus solicitudes

Todas: -
No cerradas: -
Última: -

Crear una nueva solicitud

Llamar

+7 (495) 789-45-86

ES

RU CN DE EN ES FR IT JP KZ UZ PL BY

Dr.Web vxCube

Entrar en el analizador

Peritaje de IIV

Biblioteca de virus

Base de conocimiento

Tecnologías

Términos

Formación y educación

Mitos

Mitos sobre los antivirus

Win32.HLLW.Autoruner.51762

Added to the Dr.Web virus database: 2011-06-14

Virus description added: 2011-06-14

Technical Information

To ensure autorun and distribution:

Creates the following files on removable media:

<Drive name for removable media>:\tiajo.exe
<Drive name for removable media>:\cWn.ico
<Drive name for removable media>:\autorun.inf

Malicious functions:

Creates and executes the following:

%HOMEPATH%\vuenat.exe
%HOMEPATH%\tiajo.exe
%HOMEPATH%\tgHb8Ps4s67hU1.exe
%HOMEPATH%\uvagu.exe

Executes the following:

<SYSTEM32>\tasklist.exe

Modifies file system :

Creates the following files:

%HOMEPATH%\vuenat.exe
%HOMEPATH%\tiajo.exe
%HOMEPATH%\tgHb8Ps4s67hU1.exe
%HOMEPATH%\uvagu.exe

Sets the 'hidden' attribute to the following files:

<Drive name for removable media>:\cWn.ico
<Drive name for removable media>:\autorun.inf
%HOMEPATH%\tiajo.exe

Network activity:

Connects to:

'74.##5.232.51':80

TCP:

HTTP GET requests:

74.##5.232.51/

UDP:

DNS ASK da##.net
DNS ASK ap#.#ostip.info
DNS ASK ni###snimbus.in
DNS ASK ti##pic.com
DNS ASK ma##h.com
DNS ASK google.com

Miscellaneous:

Searches for the following windows:

ClassName: '985012676' WindowName: '16782553'
ClassName: '1172493948' WindowName: '1877910640'
ClassName: '709249676' WindowName: '1312303296'
ClassName: '798051217' WindowName: '1096384471'
ClassName: '2108206376' WindowName: '585156559'
ClassName: '1030987715' WindowName: '1875062483'
ClassName: '1530484026' WindowName: '1508447782'
ClassName: '1884123892' WindowName: '1685443787'
ClassName: '1399885753' WindowName: '2099443876'
ClassName: '262112888' WindowName: '188482653'
ClassName: '1101475750' WindowName: '839780931'
ClassName: '1905763687' WindowName: '1417665287'
ClassName: '1943955950' WindowName: '1030983597'
ClassName: '883852357' WindowName: '1439477085'
ClassName: '1451568908' WindowName: '1027907393'
ClassName: '416172119' WindowName: '1477478325'
ClassName: '799949103' WindowName: '1300218861'
ClassName: '628600298' WindowName: '878137236'
ClassName: '1150922838' WindowName: '1353010610'
ClassName: '175304535' WindowName: '845679800'
ClassName: '2134363545' WindowName: '2129292289'