SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Dropper.A_3933
Dropper.A_3933 is a Trojan. A Trojan is a program that pretends to have a valid use, but in fact modifies the user's computer in malicious ways. Trojans do not replicate or spread to other computers.

      Process Related Changes
      It creates the following mutex(es):
      • CTF.TMD.MutexDefaultS-1-5-21-1078081533-842925246-854245398-1003"
      • CTF.TimListCache.FMPDefaultS-1-5-21-1078081533-842925246-854245398-1003MUTEX.DefaultS-1-5-21-1078081533-842925246-854245398-1003"
      • CTF.Compart.MutexDefaultS-1-5-21-1078081533-842925246-854245398-1003"
      • CTF.Layouts.MutexDefaultS-1-5-21-1078081533-842925246-854245398-1003"
      • MSCTF.Shared.MUTEX.EI"
      • CTF.Asm.MutexDefaultS-1-5-21-1078081533-842925246-854245398-1003"
      • CTF.LBES.MutexDefaultS-1-5-21-1078081533-842925246-854245398-1003"

      It creates the following process(es):
      • C:\WINDOWS\Temp\cd876230dd5b35dc787ea5c4f0de7a04.exe [ \c:\windows\temp\cd876230dd5b35dc787ea5c4f0de7a04.exe ]
      • C:\DOCUME1\Admin\LOCALS1\Temp\YShow3D.exe [ C:\DOCUME1\Admin\LOCALS1\Temp\\YShow3D.exe /i \u00ce\u00b4\u00bc\u00ec\u00b2\u00e2\u00b5\u00bd\u00d3\u00c3\u00d3\u00d1U8V10.1\u00b0\u00e6USB\u00bc\u00d3\u00c3\u00dc\u00b9\u00b7\u00a3\u00ac\u00c7\u00eb\u00c8\u00b7\u00c8\u00cf\u00ba\u00f3\u00d4\u00d9\u00ca\u00d4\u00a3\u00a1 /t \u00cc\u00e1\u00ca\u00be\u00d0\u00c5\u00cf\u00a2\u00a3\u00ba /k 64 ]


          Relevant Information


          © SonicWall 2020 | Privacy Policy | Conditions for use Version: 10.0