TRIAL RESET.EXE
Sample Accepted Time:2010-1-18 14:02:58
Infected Times:
TRIAL RESET.EXE Description:
The unsafe files using this name are associated with the malware groups:
Malicious Software
Worm
TRIAL RESET.EXE action as following:
The Process is packed and/or encrypted using a software packing process
Drops known malicious software during execution
Includes file creation code which could be used to test for interception by security products
TRIAL RESET.EXE also has the following action
Created as a process in your system.
Executed as a Process
Infected Countries
Maleware file TRIAL RESET.EXE detected on May 25 2009 in the following geographical region of the Prevx community:
Spain on May 25 2009
Same behavior related threat file name:
TRIAL RESET.EXE has the following brother program file:
98609537.EXE
23031662.EXE
07999972.EXE
94838136.EXE
46541623.EXE
98639568.DAT
Filesizes
Several different file size detected:
2,570,979 bytes
5,930,694 bytes
48,640 bytes
971,263 bytes
File Type
Maleware file TRIAL RESET.EXE is used by multiple object types including executable programs,objects.
File Activity
One or more files with the name TRIAL RESET.EXE creates, deletes, copies or moves the following files and folders:
create folder C:\WINDOWS\system32\28463
Creates c:\windows\system32\28463\KGUT.001
Creates c:\windows\system32\28463\KGUT.006
Creates c:\windows\system32\28463\KGUT.007
Creates c:\windows\system32\28463\KGUT.exe
Creates c:\windows\system32\28463\key.bin
Creates c:\windows\system32\28463\AKV.exe
Creates c:\docume~1\jim\locals~1\temp\Trial-Reset.exe
Deletes c:\docume~1\jim\locals~1\temp@3.tmp
Spread Way:
Windows Vulnerability
Registry Value Creation
MD5:k8oBaNMH5k6ODHqCLxO3Au75pLs71iQ1
SHA1:sFwj2VupP6AwfI8dT2WJi1CQ8s0EM5yK0g16Jedx