Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Win32.HLLM.Beagle.1353

Added to the Dr.Web virus database: 2013-04-30

Virus description added:

Technical Information

Malicious functions:
Creates and executes the following:
  • '%WINDIR%\125265.exe'
  • '%WINDIR%\125265.exe' (downloaded from the Internet)
Modifies file system :
Creates the following files:
  • %WINDIR%\125265.exe
  • %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\KHMHGZ4F\get[1].php
Network activity:
Connects to:
  • 'www.at####hannover.de':80
  • 'localhost':1035
TCP:
HTTP GET requests:
  • www.at####hannover.de/get.php
UDP:
  • DNS ASK www.at####hannover.de