Mcafee Wiki
This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

Detection Details

Minimum DAT: 6803 (2012-08-14)
Updated DAT: 6803 (2012-08-14)
Minimum Engine: 5400.1158
File Length: 879104
Description Added: 2012-08-14
Description Modified: 2012-08-14

This is a Trojan

File Properties

McAfee Detection: Generic.evx!bz
Length: 879104 bytes
MD5: ad6f72b851ebcf7bf7c8b1c551140c5f
SHA1: 37275cfd9e185b979c15fb8681c4c8434f224ed9

Other Common Detection Aliases

Company Name: Detection Name
EMSI Software: Trojan.SuspectCRC!IK
avast: Win32:FinSpy-A
AVG (GriSoft): Dropper.Generic6.NHD
avira: TR/Dropper.Gen
Kaspersky: Trojan.Win32.Agentb.ty
BitDefender: Trojan.Generic.6854490
clamav: PUA.Win32.Packer.SetupExeSection
Dr.Web: Trojan.MulDrop3.31380
FortiNet: Evx.BZ!tr
Microsoft: Trojan:Win32/Spinfy.A
Symantec: Backdoor.Finfish
Eset: Win32/Belesak.D trojan
norman: W32/Troj_Generic.DCTRI
panda: Generic Trojan
Sophos: Troj/FinFish-B
Trend Micro: TROJ_FINSPY.A
vba32: Trojan.Agentb.ty
V-Buster: Trojan.Agentb!5zZ9ImcrE6c (trojan)

Other brands and names may be claimed as the property of others.

Activities (Risk Levels)

  • Enumerates many system files and directories.
  • Process attempts to call itself recursively.
  • Attempts to write to a memory location of an unknown process.
  • No digital signature is present.

McAfee Scans

Scan: Detection
McAfee Beta: Generic.evx!bz
McAfee Supported: Generic.evx!bz

System Changes

Some path values have been replaced with environment variables, as the exact location may vary with different configurations, e.g.:

  • %WINDIR% = \WINDOWS (Windows 9x/ME/XP/Vista/7), \WINNT (Windows NT/2000)
  • %PROGRAMFILES% = \Program Files

The following files were analyzed:

37275cfd9e185b979c15fb8681c4c8434f224ed9

The following files have been added to the system:

  • %TEMP%\37275cfd9e185b979c15fb8681c4c8434f224ed9.jpg
  • %TEMP%\tmp11.tmp

The following files were temporarily written to disk then later removed:

  • %TEMP%\delete.bat
  • %TEMP%\driverw.sys
  • %TEMP%\tmp12.tmp