Feec861c2e40631de8e13e9c3e669fb9
Description

INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your understanding.
Detection
Antivirus detection
| Antivirus | Result | Update |
|---|---|---|
| Agnitum | Trojan.DR.Agent.LMTY | 20131010 |
| AhnLab-V3 | Win32/Nuqel.worm.2087936 | 20131011 |
| AntiVir | TR/Patched.Ren.Gen3 | 20131011 |
| Antiy-AVL | Trojan/win32.agent.gen | 20131011 |
| Avast | Win32:AutoIt-BOQ [Trj] | 20131011 |
| AVG | Worm/Autoit.ATGP | 20131010 |
| Baidu-International | Worm.Win32.Sohanad.awIj | 20131010 |
| BitDefender | Trojan.Generic.7394629 | 20131011 |
| Bkav | W32.YahLoverQKB.Trojan | 20131010 |
| ByteHero | - | 20130924 |
| CAT-QuickHeal | Worm.AutoIt.Sohanad.AU | 20131011 |
| ClamAV | - | 20131011 |
| Commtouch | W32/Trojan.HDJO-1571 | 20131011 |
| Comodo | UnclassifiedMalware | 20131011 |
| DrWeb | Win32.HLLW.Autoruner1.52343 | 20131011 |
| Emsisoft | Trojan.Generic.7394629 (B) | 20131011 |
| ESET-NOD32 | Win32/Sohanad.NCB | 20131010 |
| F-Prot | - | 20131011 |
| F-Secure | - | 20131011 |
| Fortinet | W32/SOHAND.SM!worm | 20131011 |
| GData | Trojan.Generic.7394629 | 20131011 |
| Ikarus | Worm.Win32.AutoIt | 20131011 |
| Jiangmin | - | 20130903 |
| K7AntiVirus | Trojan | 20131010 |
| K7GW | Trojan | 20131010 |
| Kaspersky | IM-Worm.Win32.Sohanad.pw | 20131011 |
| Kingsoft | Win32.Troj.Generic.a.(kcloud) | 20130829 |
| Malwarebytes | - | 20131011 |
| McAfee | Artemis!FEEC861C2E40 | 20131011 |
| McAfee-GW-Edition | Artemis!FEEC861C2E40 | 20131011 |
| Microsoft | Worm:Win32/Nuqel.Z | 20131011 |
| MicroWorld-eScan | Trojan.Generic.7394629 | 20131011 |
| NANO-Antivirus | Trojan.Win32.Sohanad.lczxu | 20131011 |
| Norman | Autoit.EKF | 20131011 |
| nProtect | - | 20131011 |
| Panda | Trj/Autoit.gen | 20131011 |
| PCTools | - | 20131002 |
| Rising | - | 20131011 |
| Sophos | Mal/Generic-S | 20131011 |
| SUPERAntiSpyware | - | 20131011 |
| Symantec | WS.Reputation.1 | 20131011 |
| TheHacker | Trojan/Sohanad.ncb | 20131010 |
| TotalDefense | Win32/Yahlover.PW | 20131010 |
| TrendMicro | TROJ_FAM_0000533.TOMA | 20131011 |
| TrendMicro-HouseCall | TROJ_FAM_0000533.TOMA | 20131011 |
| VBA32 | Trojan-Downloader.Autoit.gen | 20131010 |
| VIPRE | Trojan.Win32.Generic!BT | 20131011 |
| ViRobot | - | 20131011 |
Analysis
Dropper behavior
- regsvr.exe (PID 1088)
- cmd.exe (PID 1996)
- at.exe (PID 376)
- cmd.exe (PID 996)
- at.exe (PID 1428)
- cmd.exe (PID 1996)
Links
- Virustotal: https://www.virustotal.com/en/file/13fb0886775c8ab84839d52ab0e4297ab42929ca4931147ebb0b317de5ff1f37/analysis/1381474261/
- Malwr: https://malwr.com/analysis/NzIwZTJiYzIzNDc5NGMzNDk5NzQ2ZDIxMjI5ODAwNzg/
