Main Menu
Home
Bookmark
Contact Us



 
Trojan.MOCHIA Trojan Information

Name: Trojan.MOCHIA
Category: Trojan
Advice: Remove
Risk: Severe Risk Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: Trojan.MOCHIA connects to a remote site and collects configuration data and acts as an email relay, allowing remote users the capability of sending arbitrary email through the infected computer.

Trojan.MOCHIA copies itself to the Windows system folder as mocih.exe and registers itself as a service process. With the following characteristics:
servicename = ACCRA
displayname = Trace network connections
imagepath = %SYSTEM%mocih.exe

The Trojan connects to a remote site and collects configuration data.
Trojan.MOCHIA then acts as an email relay, allowing remote users the capability of sending arbitrary email through the infected computer.

The email sent by Trojan.MOCHIA may appear to be from any of the following names:
Abrahams
Adler
Adorno
Ellis
Ellison
Emmanuel
Farber
Feidelbergberg
Feinberg
Feldman
Fink
Finkel
Finkbein
Finkelstein
Fish
Fisch
Fishbein
Fleischer
Fleisher
Frankel
Freud
Fried
Friedman
Geffen
Gelbman
Gersh
Gershwin
Glazer
Glickman
Glucksman
Goldberg
Goldenson
Goldwyn
Gottlieb
Gould
Gralnick
Greenberg
Grossman
Gruber
Grjnberg
Gunzberg
Gysi
Halperin
Halpern
Handler
Hecht
Heck
Heller
Hellman
Herman
Herzberg
Hersch
Herzog
Hillel
Himmelfarb
Hirsch
Hoch
Hohenemser
Hollaender
Horowitz
Albert
Alpert
Alexander

Signatures: process: mocih.exe: MD5 Hash: b8eb417c739da7590af... process: mocih.exe: MD5 Hash: d4ef4a1f4c0c08efe30... process: mocih.exe: MD5 Hash: b9447a5a5c3239b98f0... process: sys01116.exe: MD5 Hash: 5a7870d935b3a620618... process: loader32.exe: MD5 Hash: 02ad9210c4a9a252219... process: dev32.exe: MD5 Hash: 9b3819eb6f46b3fda15... process: dev32.exe: MD5 Hash: c7a87f240d100e9b36f... process: loader32.exe: MD5 Hash: 1dd3b679b3ff57e9ecd... process: downf6.exe: MD5 Hash: 7a8b96219f4e52ead02... process: dev32.exe: MD5 Hash: 09b5a6d3a9c86a64229... process: downf109.exe: MD5 Hash: 243508e2794d65f391a... process: downf26.exe: MD5 Hash: e234ed585dd92196880... process: ahtun.exe: MD5 Hash: a7b556df9f16caaf157..
Type: Trojan - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.



Top Trojan Visited Pages:
Anti Netbus - 3419 visits
Tro.Downloader.loadadv - 584 visits
Netbus Fucker - 289 visits
Server Sockets - Alias: Backdoor.Sockets, Sockets23 - 283 visits
SMF.166.Batch - 270 visits
Enable Regedit - 251 visits
Trojan.BankerSpy - 235 visits
Java.ClassLoader.Dummy.d - 233 visits
Lamping - 186 visits
Silver Surfer Trojan - 148 visits

Random Trojan Pages:
Tro.Downloader.activate_crack
FMSZ
Startup.NameShifter.LG
Reg.Noall
Trojan.BHO.NameShifter.AB
Trojan.Livup
LRS Trojan
Trojan.BHO.NameShifter.H
Deadman.Batch
Trojan.Startup.NameShifter.AD


 


2006-2008 spyware32.com - Privacy Policy