ThreatScope Analysis Report

For file 7UNFVh.exe uploaded 2013-07-18 at 07:46:01 AM

Threat level: Malicious

Recommendation: Do not allow this file to be run in your network. Perform remediation on machines on which the file may have run.

Threat Assessment

Drops and runs executable file(s) in a directory of the user profile often used by malware

Drops executable file(s)

Possibly injects code into remote process(es)

Writes to the filesystem in a directory of the user profile often used by malware

Executes the Windows command shell program

Screenshots: None

File details:

Hash MD5


File size

0 B

Hash SHA-1


File uploaded

2013-07-18 07:46:01 AM

Hash SHA-256


Report created

2013-07-18 07:47:41 AM

Technical Details

Requested HTTP URLs

No HTTP communications were detected.

Resolved hostnames

DNS was not used to resolve any hostnames.

IP addresses

No IP addresses were requested.

File system modifications

The analyzed file changes the following items in the file system. This type of change can be performed by both malicious and benign files.


File path

Writes file

C:\Documents and Settings\victimo\Application Data\Ozmufy\uhxio.exe

Writes file

C:\Documents and Settings\victimo\Local Settings\Temp\MRFF6AF.bat

Writes file

C:\Documents and Settings\victimo\NTUSER.DAT.LOG

Writes file

C:\Documents and Settings\victimo\NTUSER.DAT

Process modifications

The analyzed file affected the following system processes.


File path

Creates Process



No Windows Registry changes were made.

Global system events

No global system events were detected.

Forcepoint has made an effort to determine if your submission is malicious however, Forcepoint cannot guarantee the accuracy of the result