Main Menu
Home
Bookmark
Contact Us



 
Trojan.MOCHIA Trojan Information

Name: Trojan.MOCHIA
Category: Trojan
Advice: Remove
Risk: Severe Risk Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine.
Description: Trojan.MOCHIA connects to a remote site and collects configuration data and acts as an email relay, allowing remote users the capability of sending arbitrary email through the infected computer.

Trojan.MOCHIA copies itself to the Windows system folder as mocih.exe and registers itself as a service process. With the following characteristics:
servicename = ACCRA
displayname = Trace network connections
imagepath = %SYSTEM%mocih.exe

The Trojan connects to a remote site and collects configuration data.
Trojan.MOCHIA then acts as an email relay, allowing remote users the capability of sending arbitrary email through the infected computer.

The email sent by Trojan.MOCHIA may appear to be from any of the following names:
Abrahams
Adler
Adorno
Ellis
Ellison
Emmanuel
Farber
Feidelbergberg
Feinberg
Feldman
Fink
Finkel
Finkbein
Finkelstein
Fish
Fisch
Fishbein
Fleischer
Fleisher
Frankel
Freud
Fried
Friedman
Geffen
Gelbman
Gersh
Gershwin
Glazer
Glickman
Glucksman
Goldberg
Goldenson
Goldwyn
Gottlieb
Gould
Gralnick
Greenberg
Grossman
Gruber
Grjnberg
Gunzberg
Gysi
Halperin
Halpern
Handler
Hecht
Heck
Heller
Hellman
Herman
Herzberg
Hersch
Herzog
Hillel
Himmelfarb
Hirsch
Hoch
Hohenemser
Hollaender
Horowitz
Albert
Alpert
Alexander

Signatures: process: mocih.exe: MD5 Hash: b8eb417c739da7590af... process: mocih.exe: MD5 Hash: d4ef4a1f4c0c08efe30... process: mocih.exe: MD5 Hash: b9447a5a5c3239b98f0... process: sys01116.exe: MD5 Hash: 5a7870d935b3a620618... process: loader32.exe: MD5 Hash: 02ad9210c4a9a252219... process: dev32.exe: MD5 Hash: 9b3819eb6f46b3fda15... process: dev32.exe: MD5 Hash: c7a87f240d100e9b36f... process: loader32.exe: MD5 Hash: 1dd3b679b3ff57e9ecd... process: downf6.exe: MD5 Hash: 7a8b96219f4e52ead02... process: dev32.exe: MD5 Hash: 09b5a6d3a9c86a64229... process: downf109.exe: MD5 Hash: 243508e2794d65f391a... process: downf26.exe: MD5 Hash: e234ed585dd92196880... process: ahtun.exe: MD5 Hash: a7b556df9f16caaf157..
Type: Trojan - A Trojan software is any software on a user's computer that the user is not aware or intentionally installed. Most Trojan software is designed to perform some sort of actions that could jeopardize the user's security or privacy.



Top Trojan Visited Pages:
Anti Netbus - 3477 visits
Tro.Downloader.loadadv - 589 visits
Netbus Fucker - 294 visits
Server Sockets - Alias: Backdoor.Sockets, Sockets23 - 284 visits
SMF.166.Batch - 271 visits
Enable Regedit - 252 visits
Trojan.BankerSpy - 236 visits
Java.ClassLoader.Dummy.d - 234 visits
Lamping - 187 visits
Silver Surfer Trojan - 150 visits

Random Trojan Pages:
IExplores Trojan
Trojan.BHO.NameShifter.BF
MSNRaptor v1.0.1
Startup.NameShifter.LI
Trojan.Startup.NameShifter.addgu32
RegBomb.Batch
Batalia4.521.Batch
Canada
Passenger
Win.Parkin


 


2006-2008 spyware32.com - Privacy Policy