Internet threat level: 1
Follow us on
Home→Descriptions→Packed.Win32.Katusha.m
Packed.Win32.Katusha.m
| Detected | Apr 30 2010 10:49 GMT |
| Released | Apr 30 2010 22:02 GMT |
This is a description which has been automatically generated following analysis of this program on a test machine. This description may contain incomplete or inaccurate information.
Summary
Technical details
File size of 86016 bytes.
Installation
Creates the following files on an infected computer:
-
Directory for storage of temporary files on Windows OS (usually, C:\Documents and Settings\
\Local Settings\Temp) %Temp%\Jgz..bat
Malicious activity
Connects to to the following Internet addresses:
- ***cararts.com:20480
Other activities
Deletes the following files on an infected computer:
- <path to source program><file of source program >
-
Directory for storage of temporary files on Windows OS (usually, C:\Documents and Settings\
\Local Settings\Temp) %Temp%\JGZ~1.BAT
Aliases
Packed.
- Trojan:
Downloader-CEW. b (McAfee) - Mal/FakeAV-CX (Sophos)
- Trojan.
FakeAV-3307 (ClamAV) - Trj/Zlob.
QF (Panda) - W32/FraudLoad.
F!Generic (FPROT) - Trojan:
Win32/Lodap!rts (MS(OneCare)) - Win32/TrojanDownloader.
FakeAlert. AYI trojan (Nod32) - Gen:
Variant. Renos. 14 (BitDef7) - Trojan.
DL. FakeAlert!vvyZeto0xaE (VirusBuster) - Win32:
Trojan-gen (AVAST) - Trojan.
Fakeav (Ikarus) - Downloader.
Generic9. BYAM (AVG) - Trojan.
FakeAV!gen24 (NAV) - NseCheckFile2() returned 0x00010018 (Norman)
- Trojan.
DL. FakeAlert!vvyZeto0xaE (VirusBusterBeta)
© 1997-2012 Kaspersky Lab ZAO. All Rights Reserved.
Industry-leading Antivirus Software.
Registered trademarks and service marks are the property of their respective owners.