W32/Changeup-C

    Category: Viruses and SpywareProtection available since:01 Nov 2011 15:30:14 (GMT)
    Type: Win32 wormLast Updated:01 Nov 2011 15:30:14 (GMT)
    Prevalence: Small Number of Reports

    Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

    W32/Changeup-C exhibits the following characteristics:

    File Information

    Size
    296K
    SHA-1
    aafb3c5a218bcf43928c875fa2d0879a84e6c475
    MD5
    f1ae26272b30546abe40f7c529ce6afc
    CRC-32
    eaa6b246
    File type
    application/x-ms-dos-executable
    First seen
    2011-07-04

    Runtime Analysis

    Dropped Files
    • F:/jiupi.exe
    • c:\Documents and Settings\test user\jiupi.exe
    • F:/Secret.exe
    • F:/Sexy.exe
    • F:/Porn.exe
    • F:/Passwords.exe
    Registry Keys Created
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Run
      jiupi
      c:\Documents and Settings\test user\jiupi.exe /G
    Registry Keys Modified
    • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
      ShowSuperHidden
      0x00000000
    Processes Created
    • c:\Documents and Settings\test user\jiupi.exe
    DNS Requests
    • ns1.player1532.com

    Download Sophos HomeDownload
    Sophos Home

    Free business-grade security for the home.

    Endpoint Protection