TROJ_PEYKE.AC
Windows 2000, Windows XP, Windows Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
It exports functions used by other malware. It requires its main component to successfully perform its intended routine.
TECHNICAL DETAILS
750,671 bytes
DLL
13 Jul 2011
Arrival Details
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.
Other System Modifications
This Trojan adds the following registry keys:
HKEY_LOCAL_MACHINE\SOFTWARE\Description
HKEY_LOCAL_MACHINE\SOFTWARE\Description\
Microsoft
HKEY_LOCAL_MACHINE\SOFTWARE\Description\
Microsoft\Rpc
HKEY_LOCAL_MACHINE\SOFTWARE\Description\
Microsoft\Rpc\UuidTemporaryData
It adds the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Description\
Microsoft\Rpc\UuidTemporaryData
NetworkAddress = {hex values}
HKEY_LOCAL_MACHINE\SOFTWARE\Description\
Microsoft\Rpc\UuidTemporaryData
NetworkAddressLocal = 0
Other Details
This Trojan exports functions used by other malware.
It requires its main component to successfully perform its intended routine.