Virus

W32/Agent.AFJ!tr

Analysis

W32/Agent.AFJ!tr - 05-12-31


General Info:

This threat is a "PE" executable file, with file size 3045, with file compression: FSG

Files:

  • Copies itself to: undefinedSystemDirectoryundefined

Installation to System:

  • When run, it copies itself to:
    undefinedWindowsFolderundefined
  • And creates these registry entries:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SystemLoader = "undefinedWindowsFolderundefined\sysldr32.exe"

More Info:

This program attempts to download the following files: http://72.36.244.185/0031/xp_0031.exe http://72.36.244.185/0031/xp_nb47.exe http://72.36.244.185/0031/tool.exe http://72.36.244.185/0031/9x_9804.exe http://72.36.244.185/0031/9x_nb47.exe http://72.36.244.185/0031/tool.exe The website is currently unavailable.