Trojan:W32/Agent.EDY is a standalone trojan dropper. It drops two EXE files on the computer.
Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.
Trojan:W32/Agent.EDY is detection of a trojan-dropper which is packed with a modified version of UPX file compressor.It drops two EXE files to the user's computer.The first file named Regscan.exe is dropped to the following location:
It also drops a 3Kb sized file that is named the same as the sample itself to:
Registy ChangesLaunch point:
Add these value to registry:
Regscan.exe posts a file called bang.cgi to various IP addresses.
Date Created: -
Date Last Modified: -