Troj/Sasfis-O

    Category: Viruses and SpywareProtection available since:16 Apr 2011 22:45:59 (GMT)
    Type: TrojanLast Updated:16 Apr 2011 22:45:59 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    Examples of Troj/Sasfis-O include:

    Example 1

    File Information

    Size
    5.2M
    SHA-1
    76738d71459a99818987317e388407ac60fda021
    MD5
    4c0d4ba52108e3ac243711ec8ab8f72e
    CRC-32
    f1fc15e8
    File type
    application/x-ms-dos-executable
    First seen
    2011-04-16

    Other vendor detection

    Kaspersky
    Trojan.Win32.Sasfis.bhiw

    Runtime Analysis

    Copies Itself To
    • c:\Documents and Settings\test user\Local Settings\Application Data\usnscv.exe
    Dropped Files
    • c:\Documents and Settings\test user\Local Settings\Application Data\SBot_1.99.1.exe
      Size
      4.2M
      SHA-1
      9949d526d4ba3f25151b35965f1683d515cdeeb2
      MD5
      5093472b14333ab37f22de4fbbba7591
      CRC-32
      83d13f89
      File type
      application/x-ms-dos-executable
      First seen
      2011-04-05
    Processes Created
    • c:\windows\system32\cmd.exe
    HTTP Requests
    • http://p3z0s/getme.php
    IP Connections
    • 174.138.160.18:80

    Example 2

    File Information

    Size
    4.2M
    SHA-1
    9949d526d4ba3f25151b35965f1683d515cdeeb2
    MD5
    5093472b14333ab37f22de4fbbba7591
    CRC-32
    83d13f89
    File type
    application/x-ms-dos-executable
    First seen
    2011-04-05

    Example 3

    File Information

    Size
    320K
    SHA-1
    d14b4298df2514bb5a17236d2de1a7eb611fdf52
    MD5
    8282aae701dc14ada51fb3a813adae18
    CRC-32
    f399b366
    File type
    application/x-ms-dos-executable
    First seen
    2011-04-16

    Runtime Analysis

    HTTP Requests
    • http://p3z0s/getme.php
    IP Connections
    • 174.138.160.18:80

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection