Associated Malware Groups
The filename is associated with the malware group:
File Behavior
SQ.COM has been seen to perform the following behavior:
- The Process is packed and/or encrypted using a software packing process
- This Process Deletes Other Processes From Disk
- This process creates other processes on disk
- Executes a Process
- Creates a new Background Service on the machine
- Loads and Executes a System Driver File
- Writes to another Process's Virtual Memory (Process Hijacking)
- Found on infected systems and resists interrogation by security products
- Uses low level functions to hide itself from the user and from system/security processes
SQ.COM has been the subject of the following behavior:
- Created as a process on disk
- Executed as a Process
- Deleted as a process from disk
- Added as a Registry auto start to load Program on Boot up
- Has code inserted into its Virtual Memory space by other programs
- Executed from Temporary Folders
- Copied to multiple locations on the system
Country Of Origin
The filename SQ.COM was first seen on Nov 7 2008 in the following geographical regions of the Prevx community:
- VIET NAM on Nov 7 2008
- BELGIUM on Nov 7 2008
- The UNITED STATES on Nov 9 2008
- KENYA on Nov 9 2008
File Name Aliases
SQ.COM can also use the following file names:
- HELP.EXE
- CKVO.EXE
- 04668412.COM
- KOPYASı SQ.COM
- XIH9.CMD
- P1Y2.CMD
- IQE68O.BAT
- NQ0CQ.CMD
Filesizes
The following file size has been seen:
- 179,712 bytes
- 110,013 bytes
- 109,879 bytes
File Type
The filename SQ.COM refers to many versions of an executable program.
PCMag.com Editors' Choice Award Logo is a trademark of Ziff Davis Publishing Holdings Inc. Used under license.