English

Log in

Search

The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service.

Internet threat level: 1

Watch us on

ホーム→Descriptions→Virus.Win32.Small.l

Virus.Win32.Small.l

Detected	Jan 22 2010 13:36 GMT
Released	Jan 22 2010 18:37 GMT

This is a description which has been automatically generated following analysis of this program on a test machine. This description may contain incomplete or inaccurate information.

Summary

Trojan. Performs actions that are typical of malicious programs

Installation

Creates the following files on an infected computer:

C:\setupx.dll

Malicious activity

Injects its code into the following processes:

explorer.exe

Communicates with the following Internet addresses:

http://***.168.4.144/setupx.dat

Creates unique identifiers to flag its presence in the system

Angry Angel v3.0

Uses the masks shown below to search for files on the victim machine:

*.*

Other activities

Searches for the following windows:

Modifies the system registry keys:

[ System registry hive HKEY_CURRENT_USERHKCU\Software\Microsoft\Windows\CurrentVersion\Run ] "Serverx" = " Windows system directory (usually, C:\Windows\System32) %System%\Serverx.exe"

Description:
Used to automatically run files when the Windows OS boots

Print

Share

Malicious programs

Viruses and worms

Virus

Viruses replicate on the resources of the local machine.

Unlike worms, viruses do not use network services to propagate or penetrate other computers. A copy of a virus will reach remote computers only if the infected object is, for some reason unrelated to the virus function, activated on another computer. For example:

when infecting accessible disks, a virus penetrates a file located on a network resource
a virus copies itself to a removable storage device or infects a file on a removable device
a user sends an email with an infected attachment.

Other versions

Virus.Win32.Small.1416

Virus.Win32.Small.1424

別名

Virus.Win32.Small.l (Kaspersky Lab) は以下の名称でも知られています:

Trojan: Generic.dx!sqj (McAfee)
W32/Madang-Fam (Sophos)
Win32.Angel (DrWeb)
Gen:Trojan.Heur.GZ.FOW@bm!eN2bi (BitDef7)
Win32.Madang.B (VirusBuster)
Virus.Win32.Small (Ikarus)
Win32/Madang.C (AVG)
TR/Crypt.ASPM.Gen (AVIRA)
W32/Madang.B (Norman)
Win32.Madangel.c (Rising)
Virus.Win32.Small.l [AVP] (FSecure)
Trojan.Win32.Generic!BT (Sunbelt)
Win32.Madang.B (VirusBusterBeta)

Virus.Win32.Small.l

Summary

Installation

Malicious activity

Other activities

kaspersky.com

securelist.com