UDS:DangerousObject.Multi.Generic (Kaspersky), Trojan-PSW.Win32.MSNPassword.FD, Trojan.Win32.FlyStudio.FD, TrojanFlySky.YR, TrojanFlyStudio.YR (Lavasoft MAS)Behaviour: Trojan-PSW, Trojan
The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.
Summary
MD5: 02f734f348c9820e2ccdf21eab2bf24a
SHA1: 607833d0242d19391fb3bcf3eb85bf253f433d1a
SHA256: ffa8d874c7ed7696c8cd3d1c0159bdd4203815d0f3d5c094e83f278eccc50e22
SSDeep: 24576:PyIbHYdndhWJGyYb3MdX1H9zeJW8md9IHHjgVdQOwgPcQDLvU:PJ4dd8TYEXd9zYNyWHHMVVLvU
Size: 1469440 bytes
File type: EXE
Platform: WIN32
Entropy: Packed
PEID: PackerUPXCompresorGratuitowwwupxsourceforgenet, UPolyXv05_v6
Company: no certificate found
Created at: 2015-07-07 18:41:26
Analyzed on: WindowsXP SP3 32-bit
Summary: Trojan. A program that appears to do one thing but actually does another (a.k.a. Trojan Horse).
Dynamic Analysis
Payload
No specific payload has been found.
Process activity
The Trojan creates the following process(es):No processes have been created.The Trojan injects its code into the following process(es):
%original file name%.exe:212
Mutexes
The following mutexes were created/opened:No objects were found.
File activity
The process %original file name%.exe:212 makes changes in the file system.
The Trojan creates and/or writes to the following file(s):
%Documents and Settings%\%current user%\Favorites\脙茠脗聧脙茠脗垄脙鈥毭偮姑兤捗⑩偓鈩⒚兤捗⑩偓鈥澝兤捗偮访冣