Our team of researches surfs the Internet on an everyday basis in search of the latest registry news and relevant information useful to visitors. This site strives to provide exciting registry information with two basic principles; Simplicity and Quality, with reference to the best information on registries.
The writers of the site present articles illustrated with images, while ensuring that the articles are both clear and concise in order to provide professional, yet easy to understand articles. Registry products and problems are analyzed and evaluated so as to present visitors with professional and factual articles. More...
May
22nd

Extending Your Knowledge on Malware: Trojan.Win32.Small.bxz

Author: Indre | Files under Fix slow PC

You downloaded a torrent file from the Internet and were immediately faced with an unexpected problem.finger_print2.gif On top of that, whenever you switch to another folder, an annoying pop-up appears alerting you that something dangerous happened to your system. A recent computer threat that many general computer users have put in the spotlight is recognized as Trojan.Win32.Small.bxz.

Being a malicious trojan horse or bot, the mentioned Trojan has the objective to indicate security risk for the compromised system and its network environment.

File Name : eqyejg.ivj  
File Size : 28672 byte  
File Type : PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi  
MD5 : 4650ce52300efa7b961fe2c929741dff  
SHA1 : 1397488c21177ebe1386aabacf7b26d3ea8b437d  

Table 1.Technical information the Trojan

Below you may notice file system modifications which were made by this trojan. The following file was created in the system:

    Filename(s):
    1 [file and pathname of the sample #1]
File size:
28,672 bytes
File Hash Alias:
MD5:0xD680BE5D13BBB7B14A05F2CB3F86AE48
SHA-1: 0xF5498D369317BBC1EA4A6FDFB21FCEC5E3668B61

Keep in mind that memory was modified as well. The fact is that a new process was created in the system.

Process Name:
[generic host process]
Process Filename:
[generic host process filename]
Main Module Size:
20,480 bytes

The alias names of the Trojan are provided below. They are worth noting so as not to get lost in the ocean of names. Take a look.

Alias names
Trojan.Win32.Small!IK
Win-Trojan/Agent.28672.YB
TR/Agent.imh
Win32:Trojan-gen {Other}
Agent.4.AK
Trojan.Agent.AMTB
Trojan.Agent.gen
Trojan.DownLoad.36194
Win32/Seekwel.B
Trojan:W32/Delf.DRM
Trojan.Agent.AMTB
Trojan.Win32.Small
Trojan.Win32.Small.bxz
Generic Downloader.dp
Generic Downloader.dp
Trojan.Agent.imh
Trojan:Win32/Seekwel.A
Win32/Delf.OHS
Trojan.Win32.Small.bxz

Table 2. Alias names of the Trojan

Looking at the fact that malware is spreading faster and faster, more general computer users today are getting actual contact with this unwanted menace. So be cautious while surfing on the internet so as not to get into trouble.

Resources:
Virustotal: Aliase names of the trojan
Technical peculiarities of the computer threat
Introducing Trojan.Win32.Small.bxz.

Post a Comment

Security Code: