Ada97c5cbf8f7aef692a18ffde15fde1
Description

INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your understanding.
Detection
Antivirus detection
Detection ratio: 35/48 (2013-10-11)
| Antivirus | Result | Update |
|---|---|---|
| Agnitum | Trojan.DR.Agent.LMTY | 20131010135559 |
| AhnLab-V3 | Win32/Nuqel.worm.2087936 | 20131011054232 |
| AntiVir | TR/Patched.Ren.Gen3 | 20131011041121 |
| Antiy-AVL | - | 20131011054420 |
| Avast | Win32:AutoIt-BOQ [Trj] | 20131011095913 |
| AVG | Patched_c.AQUR | 20131010231227 |
| Baidu-International | Worm.Win32.Sohanad.aBh | 20131011084144 |
| BitDefender | Trojan.Dropper.Agent.VID | 20131011080727 |
| Bkav | W32.YahLoverQKB.Trojan | 20131010141458 |
| ByteHero | - | 20130613085152 |
| CAT-QuickHeal | Worm.AutoIt.Sohanad.AU | 20131011061248 |
| ClamAV | - | 20131011041507 |
| Commtouch | W32/Trojan.ZOEE-3718 | 20131011072636 |
| Comodo | UnclassifiedMalware | 20131011081319 |
| DrWeb | Win32.HLLW.Autoruner1.52343 | 20131011091915 |
| Emsisoft | - | 20131011092018 |
| ESET-NOD32 | Win32/Sohanad.NCB | 20131011091523 |
| F-Prot | - | 20131011081930 |
| F-Secure | Trojan.Dropper.Agent.VID | 20131011093610 |
| Fortinet | W32/SOHAND.SM!worm | 20131011074019 |
| GData | Trojan.Dropper.Agent.VID | 20131011082043 |
| Ikarus | Worm.Win32.AutoIt | 20131011094146 |
| Jiangmin | - | 20130903053935 |
| K7AntiVirus | Trojan | 20131010175706 |
| K7GW | Trojan | 20131010181400 |
| Kaspersky | IM-Worm.Win32.Sohanad.pw | 20131011092652 |
| Kingsoft | Win32.Troj.Generic.a.(kcloud) | 20130829055915 |
| Malwarebytes | - | 20131011065750 |
| McAfee | Artemis!ADA97C5CBF8F | 20131011091319 |
| McAfee-GW-Edition | Artemis!ADA97C5CBF8F | 20131011063505 |
| Microsoft | Worm:Win32/Nuqel.Z | 20131011051810 |
| MicroWorld-eScan | Trojan.Dropper.Agent.VID | 20131011075502 |
| NANO-Antivirus | Trojan.Win32.Sohanad.cgqsjm | 20131011075748 |
| Norman | Autoit.EKF | 20131011071726 |
| nProtect | - | 20131011052302 |
| Panda | Trj/Autoit.gen | 20131011084706 |
| PCTools | - | 20131002161145 |
| Rising | - | 20131011033218 |
| Sophos | Mal/Generic-S | 20131011094455 |
| SUPERAntiSpyware | - | 20131011011039 |
| Symantec | - | 20131011094658 |
| TheHacker | Trojan/Sohanad.ncb | 20131010190457 |
| TotalDefense | Win32/Yahlover.PW | 20131010220447 |
| TrendMicro | TROJ_FAM_0000533.TOMA | 20131011095250 |
| TrendMicro-HouseCall | TROJ_FAM_0000533.TOMA | 20131011085243 |
| VBA32 | Trojan-Downloader.Autoit.gen | 20131011095659 |
| VIPRE | Trojan.Win32.Generic!SB.0 | 20131011053912 |
| ViRobot | - | 20131011045924 |
Analysis
Dropper behavior
- regsvr.exe (PID 1088)
- cmd.exe (PID 1996)
- at.exe (PID 376)
- cmd.exe (PID 996)
- at.exe (PID 1428)
- cmd.exe (PID 1996)
Links
- VirusTotal: https://www.virustotal.com/en/file/482ae227d033e887c5498ea99531b338f80ee17c10a4229d026c379950db5f5f/analysis/1381482187/
- Malwr: https://malwr.com/analysis/OWFlZWRkMmI5MGRjNDNmYjkwZGI3NzFkMzg1ZmQxODQ/
