Analysis Report for 41045688

Comment on this report

Summary:

Description	Risk
AV Hit: This executable is detected by an antivirus software.

Table of Contents
expand all	collapse all
General information 41045688.exe C:\41045688.exe Primary Analysis Subject General Information a) Registry Activities

1. General Information

	- Information about Anubis' invocation

Time needed:	242 s
Report created:	02/28/11, 08:49:40 UTC
Termination reason:	Timeout
Program version:	1.74.3362

2. 41045688.exe

	- General information about this executable

Analysis Reason:	Primary Analysis Subject
Filename:	41045688.exe
MD5:	c17aacdfab108ab134f0fabca27672b2
SHA-1:	e92ddc0f1708b02dbe45f59e4b615f3419695f4a
File Size:	45056 Bytes
Command Line:	"C:\41045688.exe"
Process-status at analysis end:	alive
Exit Code:	0

	- Load-time Dlls

Module Name	Base Address	Size
C:\WINDOWS\system32\ntdll.dll	0x7C900000	0x000AF000
C:\WINDOWS\system32\kernel32.dll	0x7C800000	0x000F6000
C:\WINDOWS\system32\USER32.dll	0x7E410000	0x00091000
C:\WINDOWS\system32\GDI32.dll	0x77F10000	0x00049000

	- Ikarus Virus Scanner

Trojan.Win32.Pincav (Sig-Id:1503840)

2.a) 41045688.exe - Registry Activities

	- Registry Values Read:

Key	Name	Value	Times
HKLM\System\CurrentControlSet\Control\Terminal Server	TSAppCompat	0	2

International Secure Systems Lab
Vienna University of Technology, Eurecom France, UC Santa Barbara
Contact: anubis@iseclab.org