Timeline

• Duration: 17.32 days
• MD5: b42b0ba6257f247fcedfaf9f89437615
• SHA256: d3d13c5c7bc0e8707a699e25190a24c845b5057066309e2c1e0e9b0943fced98
• SHA1: 2fdd370a5864f840897bb8afb63dcea87773685d
• Probable name: Hicrazyk.A
• VirusTotal

Tue Jan 14 09:48:22 CET 2014

started

Tue Jan 14 09:52:17 CET 2014

infected

Accessing the C&C channel http://i1.ajk123.com/GetVersion.html , we get [def]E126F519FD54EC6F9266B29380869EBC9AA1A077926CF41BF4050B0407025FB45DA6[def] [setup]A562B95DB99FA1A379C69B8F8D94AAAF96A863A17BC655C94AC55DBF53ED39DE38[setup] [inst]5CA8729572C080DC320859C940C797BA99AB60BC5EE13AEC1518EB28FB46C145C6[inst]

Sat Feb 1 0?:52:17 CET 2014

stopped win2