W32/Bagle.B2A2@mm
Analysis
W32/Bagle.B2A2!mm - 06-04-04
General Info:
This threat is a "PE" executable file, with file size 16348
Files:
- Copies itself to: undefinedSystemRootundefined/undefinedWinDirundefined
Installation to System:
- When run, it copies itself to:
undefinedSystemFolderundefined - And creates these registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Params FirstRun = dword:00000001 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run sysformat = "undefinedSystemFolderundefined\sysformat.exe"