VB.NYY is a Trojan. A Trojan is a program that pretends to have a valid use, but in fact modifies the user's computer in malicious way. Trojans do not replicate or spread to other computers.
Process Related Changes
It creates the following mutex(es):
- "MSIMGSIZECacheMutex"
- "{1B655094-FE2A-433c-A877-FF9793445069}"
- "IESQMMUTEX_0_208"
- "_!SHMSFTHISTORY!_"
Network Activity
It attempts to connect to the following remote servers: - 1d3825c9.linkbucks.com:80 (199.59.xxxxxx)
- www-google-analytics.l.google.com:80 (74.125.xxxxxx)
- gs1.wac.v4cdn.net:80 (93.184.xxxxxx)
- cf-protected-www.film-player.com:80 (108.162.xxxxxx)
- cf-ssl2463-protected-ajax.cloudflare.com.cdn.cloudflare.net:80 (190.93xxxxxx)
- cc8fbb7a.linkbucks.com:80 (199.59.xxxxxx)
- www.linkbucksmedia.com:80 (199.59.xxxxxx)
- 2b2256f5.linkbucks.com:80 (199.59.xxxxxx)
We observed the following DNS query/queries: - www.film-player.com
- cc8fbb7a.linkbucks.com
- 2b2256f5.linkbucks.com
- www.linkbucksmedia.com
- static.linkbucks.com
- www.google-analytics.com
- 1d3825c9.linkbucks.com
- ajax.cloudflare.com
|
