SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Anilogo.B_2
Anilogo.B_2 is a Virus. A Virus is a software program capable of reproducing itself spreading to other programs on the same computer or on other computers via the network. Anilogo.B_2 is compressed using the executable packer and its file size is 941,568 bytes. It also changes Windows registry:
  • Creates key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "Name"="Default Profile" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "Default"="\x01" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "ImmExec"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "ExclNames"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "StoreNames"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "UseRAR"="\x01" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "SFXModule"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "SFXIcon"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "SFXLogo"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "CmtFile"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "CmtText"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "VolumeSize"="0" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "VolPause"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "OldVolNames"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "RecVolNumber"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "Update"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "Fresh"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "SyncFiles"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "Move"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Sets value "Solid"="" in key "HKCU\Software\WinRAR\Profiles\0".
  • Creates key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "Name"="Create e-mail attachment" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "Default"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "ImmExec"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "ExclNames"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "StoreNames"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "UseRAR"="\x01" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "SFXModule"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "SFXIcon"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "SFXLogo"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "CmtFile"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "CmtText"="" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "VolumeSize"="0" in key "HKCU\Software\WinRAR\Profiles\1".
  • Sets value "Move"="" in key "HKCU\Software\WinRAR\Profiles\1".
It creates the following mutex to ensure only one instance is running: WinRAR_Busy.


Relevant Information