Category Archives: Backdoor

Backdoor.Runagry!jkV8hvNN+vk

Backdoor.Runagry!jkV8hvNN+vk also known as Gen:Variant.Zusy.207705, TR/Agent.bta, Riskware/CloverPlus.
Malware Analysis of Backdoor.Runagry!jkV8hvNN+vk – MBTIUPV32.EXE
Created files:
  %TEMP%\6A298489B7562C9E2C0163A571C4DD81.JSON
  %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIPV32.EXE
  %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIUPV32.EXE
  %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIVUNINSTALL.EXE
Autostart registry keys:
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BTIV\DisplayName: “Windows Desktop MBT Icons Ver 6.1.1.4”
  HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BTIV\UNINSTALLSTRING: “%LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIVUNINSTALL.EXE”
Detected by UnHackMe: MBTIUPV32.EXE
DEFAULT LOCATION: %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIUPV32.EXE
Dropper hash(md5):…


Backdoor.Win32.Runagry.vpg

Backdoor.Win32.Runagry.vpg also known as W32/Adware.XOCI-0304, Backdoor.W32.Runagry!c.
Malware Analysis of Backdoor.Win32.Runagry.vpg – MBTIUPV32.EXE
Created files:
  %TEMP%\6A298489B7562C9E2C0163A571C4DD81.JSON
  %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIPV32.EXE
  %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIUPV32.EXE
  %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIVUNINSTALL.EXE
Autostart registry keys:
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BTIV\DisplayName: “Windows Desktop MBT Icons Ver 6.1.1.4”
  HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BTIV\UNINSTALLSTRING: “%LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIVUNINSTALL.EXE”
Detected by UnHackMe: MBTIUPV32.EXE
DEFAULT LOCATION: %LOCAL APPDATA%\WINDOWS MBT ICONS\MBTIUPV32.EXE
Dropper hash(md5): e178dba238342de0ab91931ed40c55a1…


BehavesLike.Win32.Backdoor.ht

BehavesLike.Win32.Backdoor.ht also known as Gen:Variant.Dropper.155, Trojan.Zbot.Win32.198823, Trojan.Win32.Zbot.eihppd.
Malware Analysis of BehavesLike.Win32.Backdoor.ht – WOKYFAYFQIA.EXE
Created files:
  %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\MICROSOFT COMMUNITIES\ACCOUNT{3CC05103-59FD-466A-80E6-12486C131C6E}.OEACCOUNT
  %TEMP%\6A298489B7562C9E2C0163A571C4DD81.JSON
  %APPDATA%\FAYQUTEDBO\WOKYFAYFQIA.EXE
  %APPDATA%\UKTUEWUG\YXUVNUYSCE.AQN
  %APPDATA%\VYICFUBIOK\XYATCEEMU.DIB
Detected by UnHackMe: WOKYFAYFQIA.EXE
DEFAULT LOCATION: %APPDATA%\FAYQUTEDBO\WOKYFAYFQIA.EXE
Dropper hash(md5): ea975d0ec98a4d85dab8bfb75f81fe90


BackDoor-FDGD!E8E53B1AB314

BackDoor-FDGD!E8E53B1AB314 also known as W32/SecRisk-ProcessPatcher-base, generic.a.
Malware Analysis of BackDoor-FDGD!E8E53B1AB314 – WINDOWSSS.EXE
Created files:
  %TEMP%\CTQC.TH
  %TEMP%\GONE.EXE
  %TEMP%\WINDOWSSS.EXE
  %TEMP%\WINDOWSSS2.EXE
  %TEMP%\WVJJKSF.EXE
Detected by UnHackMe: WINDOWSSS.EXE
DEFAULT LOCATION: %TEMP%\WINDOWSSS.EXE
Dropper hash(md5): ea2d92c1027adb5f78b7a5675a19063e


backdoor.win32.venik.j

backdoor.win32.venik.j also known as Trojan-PSW.Win32.Tepfer, TrojanPWS.Zbot.Gen, Trojan ( 0040f5a81 ).
Malware Analysis of backdoor.win32.venik.j – UQABWI.EXE
Created files:
  %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\LOCAL FOLDERS\SENT ITEMS\WINMAIL.FOL
  %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\MICROSOFT COMMUNITIES\ACCOUNT{590D00F5-2783-4D8E-972C-BC334CDE86FF}.OEACCOUNT
  %APPDATA%\TOFAEH\UQABWI.EXE
Autostart registry keys:
  HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\UQABWI: “%APPDATA%\TOFAEH\UQABWI.EXE”
Detected by UnHackMe: UQABWI.EXE
DEFAULT LOCATION: %APPDATA%\TOFAEH\UQABWI.EXE
Dropper hash(md5): e0219072f15fe093753d0e68cafc2bad


Win32/Backdoor.BO.d0d

Win32/Backdoor.BO.d0d also known as Troj.W32.Gen.mfRq, Backdoor.Httpbot!8.4843-fr8Rr3OaIxN (Cloud).
Malware Analysis of Win32/Backdoor.BO.d0d – TGSDK.DLL
Created files:
  %SYSTEMDRIVE%\TEXTGRABSDK\EXAMPLES\DEMO_VBNET\TEXTGRABDEMO_VBNET.VBPROJ
  %SYSTEMDRIVE%\TEXTGRABSDK\LICENSE.TXT
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK64.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDKPW64.BIN
Autostart registry keys:
  HKLM\SOFTWARE\CLASSES\CLSID\{0DBEDBD6-5561-4AA6-BF71-96A6BF2864F5}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{15CED018-EA43-4CC0-AE44-5E8F413E5578}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{1FDF1F25-6E7E-4E0B-9697-8D14377C6B0E}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{A05BBABC-5EE2-43F8-96F2-1B581613E8A4}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\TGSDK\DisplayName: “TextGRAB SDK 3.2”
  HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TGSDK\UNINSTALLSTRING: “”%SYSTEMDRIVE%\TEXTGRABSDK\UNINSTALL.EXE””
Detected by UnHackMe: TGSDK.DLL
DEFAULT LOCATION: %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
Dropper hash(md5): fb40f010388285c5914d1193a3b7f2f9


Backdoor.Httpbot!8.4843-fr8Rr3OaIxN (Cloud)

Backdoor.Httpbot!8.4843-fr8Rr3OaIxN (Cloud) also known as Backdoor.Win32.Httpbot.che, Backdoor.Httpbot.d.
Malware Analysis of Backdoor.Httpbot!8.4843-fr8Rr3OaIxN (Cloud) – TGSDK.DLL
Created files:
  %SYSTEMDRIVE%\TEXTGRABSDK\EXAMPLES\DEMO_VBNET\TEXTGRABDEMO_VBNET.VBPROJ
  %SYSTEMDRIVE%\TEXTGRABSDK\LICENSE.TXT
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK64.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDKPW64.BIN
Autostart registry keys:
  HKLM\SOFTWARE\CLASSES\CLSID\{0DBEDBD6-5561-4AA6-BF71-96A6BF2864F5}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{15CED018-EA43-4CC0-AE44-5E8F413E5578}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{1FDF1F25-6E7E-4E0B-9697-8D14377C6B0E}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{A05BBABC-5EE2-43F8-96F2-1B581613E8A4}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\TGSDK\DisplayName: “TextGRAB SDK 3.2”
  HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TGSDK\UNINSTALLSTRING: “”%SYSTEMDRIVE%\TEXTGRABSDK\UNINSTALL.EXE””
Detected by UnHackMe: TGSDK.DLL
DEFAULT LOCATION: %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
Dropper hash(md5): fb40f010388285c5914d1193a3b7f2f9


Backdoor.Win32.Httpbot.che

Backdoor.Win32.Httpbot.che also known as Backdoor.Httpbot!8.4843-fr8Rr3OaIxN (Cloud), Troj.W32.Gen.mfRq, Win32/Backdoor.BO.d0d.
Malware Analysis of Backdoor.Win32.Httpbot.che – TGSDK.DLL
Created files:
  %SYSTEMDRIVE%\TEXTGRABSDK\EXAMPLES\DEMO_VBNET\TEXTGRABDEMO_VBNET.VBPROJ
  %SYSTEMDRIVE%\TEXTGRABSDK\LICENSE.TXT
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK64.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDKPW64.BIN
Autostart registry keys:
  HKLM\SOFTWARE\CLASSES\CLSID\{0DBEDBD6-5561-4AA6-BF71-96A6BF2864F5}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{15CED018-EA43-4CC0-AE44-5E8F413E5578}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{1FDF1F25-6E7E-4E0B-9697-8D14377C6B0E}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{A05BBABC-5EE2-43F8-96F2-1B581613E8A4}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\TGSDK\DisplayName: “TextGRAB SDK 3.2”
  HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TGSDK\UNINSTALLSTRING: “”%SYSTEMDRIVE%\TEXTGRABSDK\UNINSTALL.EXE””
Detected by UnHackMe: TGSDK.DLL
DEFAULT LOCATION: %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
Dropper hash(md5): fb40f010388285c5914d1193a3b7f2f9


Backdoor.Httpbot.d

Backdoor.Httpbot.d also known as Troj.W32.Gen.mfRq, Win32/Backdoor.BO.d0d.
Malware Analysis of Backdoor.Httpbot.d – TGSDK.DLL
Created files:
  %SYSTEMDRIVE%\TEXTGRABSDK\EXAMPLES\DEMO_VBNET\TEXTGRABDEMO_VBNET.VBPROJ
  %SYSTEMDRIVE%\TEXTGRABSDK\LICENSE.TXT
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK64.DLL
  %SYSTEMDRIVE%\TEXTGRABSDK\TGSDKPW64.BIN
Autostart registry keys:
  HKLM\SOFTWARE\CLASSES\CLSID\{0DBEDBD6-5561-4AA6-BF71-96A6BF2864F5}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{15CED018-EA43-4CC0-AE44-5E8F413E5578}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{1FDF1F25-6E7E-4E0B-9697-8D14377C6B0E}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\SOFTWARE\CLASSES\CLSID\{A05BBABC-5EE2-43F8-96F2-1B581613E8A4}\INPROCSERVER32\: “%SYSTEMDRIVE%\TEXTGRABSDK\TGSDKX.DLL”
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\TGSDK\DisplayName: “TextGRAB SDK 3.2”
  HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\TGSDK\UNINSTALLSTRING: “”%SYSTEMDRIVE%\TEXTGRABSDK\UNINSTALL.EXE””
Detected by UnHackMe: TGSDK.DLL
DEFAULT LOCATION: %SYSTEMDRIVE%\TEXTGRABSDK\TGSDK.DLL
Dropper hash(md5): fb40f010388285c5914d1193a3b7f2f9


BackDoor-FDCH!4EBD613787A8

BackDoor-FDCH!4EBD613787A8 also known as Ransom_CRYPTESLA.SMM1, Trojan.MalPack.PK, W32/Kryptik.ENZR!tr.
Malware Analysis of BackDoor-FDCH!4EBD613787A8 – TTLKVSK.EXE
Created files:
  %APPDATA%\HELP_RECOVER_INSTRUCTIONS+AFD.PNG
  %APPDATA%\HELP_RECOVER_INSTRUCTIONS+AFD.TXT
  %APPDATA%\TTLKVSK.EXE
  %PROFILE%\APPDATA\HELP_RECOVER_INSTRUCTIONS+AFD.HTML
  %PROFILE%\APPDATA\HELP_RECOVER_INSTRUCTIONS+AFD.PNG
Autostart registry keys:
  HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\DSFGSDF-67897869: “%APPDATA%\TTLKVSK.EXE”
  HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\DSFGSDF-67897869: “%APPDATA%\TTLKVSK.EXE”
Detected by UnHackMe: TTLKVSK.EXE
DEFAULT LOCATION: %APPDATA%\TTLKVSK.EXE
Dropper hash(md5): 4ebd613787a867f536fd1876a3a529b3


backdoor.win32.zegost.ad

backdoor.win32.zegost.ad also known as HEUR/QVM20.1.0000.Malware.Gen, VirTool.Win32.Obfuscator.da!j (v), Win32.Trojan.Kryptik.yf.
Malware Analysis of backdoor.win32.zegost.ad – OBME.EXE
Created files:
  %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\LOCAL FOLDERS\SENT ITEMS\WINMAIL.FOL
  %LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\MICROSOFT COMMUNITIES\ACCOUNT{3CC05103-59FD-466A-80E6-12486C131C6E}.OEACCOUNT
  %APPDATA%\VYADW\OBME.EXE
Autostart registry keys:
  HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\OBME: “%APPDATA%\VYADW\OBME.EXE”
Detected by UnHackMe: OBME.EXE
DEFAULT LOCATION: %APPDATA%\VYADW\OBME.EXE
Dropper hash(md5): 81ef46b7fc5cea28ad8f391dbe3d0fca


Backdoor.Bifrose.Win32.92125

Backdoor.Bifrose.Win32.92125 also known as W32.HfsAdware.757D.
Malware Analysis of Backdoor.Bifrose.Win32.92125 – GAMESMANAGERINSTALLER.EXE
Created files:
  %TEMP%\GM_INSTALLATION.LOG
  %TEMP%\GM_INSTALLATION_INNER.LOG
  %TEMP%\NSUFC43.TMP\GAMESMANAGERINSTALLER.EXE
  %LOCAL APPDATA%\GAMESMANAGER\00000000\CDATA.DAT
  %LOCAL APPDATA%\GAMESMANAGER\00000000\CDATA.DAT.TMP
Detected by UnHackMe: GAMESMANAGERINSTALLER.EXE
DEFAULT LOCATION: %TEMP%\NSUFC43.TMP\GAMESMANAGERINSTALLER.EXE
Dropper hash(md5): 184ef5e2901130fb8d79886371d560bc


Backdoor.Kryptik.Win32.165

Malware Analysis of Backdoor.Kryptik.Win32.165 – ALL2ARC.EXE
Created files:
  %Program Files%\FreeArc\bin\7zCon.sfx
  %Program Files%\FreeArc\bin\7zG.exe
  %Program Files%\FreeArc\bin\all2arc.exe
  %Program Files%\FreeArc\bin\arc-mini.sfx
  %Program Files%\FreeArc\bin\arc-tiny.sfx
Autostart registry keys:
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FreeArc\DisplayName: “FreeArc 0.67 alpha”
  HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FreeArc\UninstallString: “%Program Files%\FreeArc\uninst.exe”
Detected by UnHackMe: ALL2ARC.EXE
Default location: %PROGRAM FILES%\FREEARC\BIN\ALL2ARC.EXE
Dropper hash(md5): 58d75e3e3002b0769cc9527a87c81e40


Backdoor:Win32/Alaveensee.AC!bit

Backdoor:Win32/Alaveensee.AC!bit also known as Trojan.Agent.CAOI, Trojan-Spy.Win32.Agent.jhus, Troj.Agent.Caoi!c.
Malware Analysis of Backdoor:Win32/Alaveensee.AC!bit – SVCMCCWI.EXE
Created files:
  %Program Files%\TITANGAME\GOSTOP\iphlpapi.dll
  %Program Files%\TITANGAME\POKER\iphlpapi.dll
  %WINDIR%\SVCMCCWI.EXE
Detected by UnHackMe: SVCMCCWI.EXE
Default location: %WinDir%\SVCMCCWI.EXE
Dropper hash(md5): 331bb77bbc5f766d58aa2df6bb0a32c2


BackDoor.Paper.28

BackDoor.Paper.28 also known as Trojan.Win32.Agent!O, Trojan/Delf.obb, W32/Hupigon.C.gen!Eldorado.
Malware Analysis of BackDoor.Paper.28 – S0AME.EXE
Created files:
  %Program Files%\s0ame.exe
Detected by UnHackMe: S0AME.EXE
Default location: %PROGRAM FILES%\S0AME.EXE
Dropper hash(md5): 65caa909a27ae1b7d95541a39c11f02a


Backdoor.Flood.Win32.23

Backdoor.Flood.Win32.23 also known as Trojan.Win32.Flood.hmbi.
Malware Analysis of Backdoor.Flood.Win32.23 – AIW56093.EXE
Created files:
  %TEMP%\AAIW56594.BMP
  %TEMP%\AIW56093.EXE
  %TEMP%\AIW56593.BMP
  %TEMP%\AIW56656.EXE
Detected by UnHackMe: AIW56093.EXE
DEFAULT LOCATION: %TEMP%\AIW56093.EXE
Dropper hash(md5): 76332f9a8ec655b3d7271bec2ef2964d


Win32.Backdoor.Hupigon.Wqdm

Win32.Backdoor.Hupigon.Wqdm also known as Trojan/Win32.Agent, Generic.Malware.SLP!BPk!g.6A78821C (B), Trj/Genetic.gen.
Malware Analysis of Win32.Backdoor.Hupigon.Wqdm – S0AME.EXE
Created files:
  %Program Files%\s0ame.exe
Detected by UnHackMe: S0AME.EXE
Default location: %PROGRAM FILES%\S0AME.EXE
Dropper hash(md5): 65caa909a27ae1b7d95541a39c11f02a


Backdoor/IRC.ck

Backdoor/IRC.ck also known as Trojan.Win32.Flood.hmbi.
Malware Analysis of Backdoor/IRC.ck – AIW56093.EXE
Created files:
  %TEMP%\AAIW56594.BMP
  %TEMP%\AIW56093.EXE
  %TEMP%\AIW56593.BMP
  %TEMP%\AIW56656.EXE
Detected by UnHackMe: AIW56093.EXE
DEFAULT LOCATION: %TEMP%\AIW56093.EXE
Dropper hash(md5): 76332f9a8ec655b3d7271bec2ef2964d


Backdoor/W32.Androm.159744.AA

Backdoor/W32.Androm.159744.AA also known as Trojan.MSIL.Agent.BWC, Trojan ( 004fef171 ), Backdoor.W32.Androm!c.
Malware Analysis of Backdoor/W32.Androm.159744.AA – JAVAUPDTR.EXE
Created files:
  %APPDATA%\JAVA\JAVAUPDTR.EXE
Detected by UnHackMe: JAVAUPDTR.EXE
DEFAULT LOCATION: %APPDATA%\JAVA\JAVAUPDTR.EXE
Dropper hash(md5): 1e8b8a1c9c20c5906fbcb45c04193fb2


BackDoor-FDEZ!65CAA909A27A

BackDoor-FDEZ!65CAA909A27A also known as Generic.Malware.SLP!BPk!g.6A78821C, Trojan.Win32.Agent!O, Win32/Delf.OMY.
Malware Analysis of BackDoor-FDEZ!65CAA909A27A – S0AME.EXE
Created files:
  %Program Files%\s0ame.exe
Detected by UnHackMe: S0AME.EXE
Default location: %PROGRAM FILES%\S0AME.EXE
Dropper hash(md5): 65caa909a27ae1b7d95541a39c11f02a


Backdoor:Win32/Defsel.B

Backdoor:Win32/Defsel.B also known as VirTool.Win32.DelfInject, Trojan.Agent, Trojan ( 7000000f1 ).
Malware Analysis of Backdoor:Win32/Defsel.B – S0AME.EXE
Created files:
  %Program Files%\s0ame.exe
Detected by UnHackMe: S0AME.EXE
Default location: %PROGRAM FILES%\S0AME.EXE
Dropper hash(md5): 65caa909a27ae1b7d95541a39c11f02a


backdoor.msil.bladabindi.g

backdoor.msil.bladabindi.g also known as Backdoor.Androm.mgs, Trojan/Win32.TSGeneric, HEUR/QVM03.0.840A.Malware.Gen.
Malware Analysis of backdoor.msil.bladabindi.g – JAVAUPDTR.EXE
Created files:
  %APPDATA%\JAVA\JAVAUPDTR.EXE
Detected by UnHackMe: JAVAUPDTR.EXE
DEFAULT LOCATION: %APPDATA%\JAVA\JAVAUPDTR.EXE
Dropper hash(md5): 1e8b8a1c9c20c5906fbcb45c04193fb2


Backdoor.Androm!gmkt1gMrvVw

Backdoor.Androm!gmkt1gMrvVw also known as malicious_confidence_100% (W), Trojan.MSIL.Agent.BWC, Trojan/Win32.TSGeneric.
Malware Analysis of Backdoor.Androm!gmkt1gMrvVw – JAVAUPDTR.EXE
Created files:
  %APPDATA%\JAVA\JAVAUPDTR.EXE
Detected by UnHackMe: JAVAUPDTR.EXE
DEFAULT LOCATION: %APPDATA%\JAVA\JAVAUPDTR.EXE
Dropper hash(md5): 1e8b8a1c9c20c5906fbcb45c04193fb2


Backdoor.Androm.mgs

Backdoor.Androm.mgs also known as TROJ_GEN.R0C1C0VL216, a variant of MSIL/Injector.QTM, Trojan.Gen.
Malware Analysis of Backdoor.Androm.mgs – JAVAUPDTR.EXE
Created files:
  %APPDATA%\JAVA\JAVAUPDTR.EXE
Detected by UnHackMe: JAVAUPDTR.EXE
DEFAULT LOCATION: %APPDATA%\JAVA\JAVAUPDTR.EXE
Dropper hash(md5): 1e8b8a1c9c20c5906fbcb45c04193fb2


Backdoor.Win32.Androm.luvy

Backdoor.Win32.Androm.luvy also known as Trj/GdSda.A, Trojan.Gen, W32/Trojan.FWBQ-8641.
Malware Analysis of Backdoor.Win32.Androm.luvy – JAVAUPDTR.EXE
Created files:
  %APPDATA%\JAVA\JAVAUPDTR.EXE
Detected by UnHackMe: JAVAUPDTR.EXE
DEFAULT LOCATION: %APPDATA%\JAVA\JAVAUPDTR.EXE
Dropper hash(md5): 1e8b8a1c9c20c5906fbcb45c04193fb2


BackDoor.Generic18.BWXL

BackDoor.Generic18.BWXL also known as Trojan.GenericKD.2231308, Trojan/Win32.Bladabindi, Trojan[Dropper]/Win32.FrauDrop.
Malware Analysis of BackDoor.Generic18.BWXL – 0085004AD954D5AC3A3E310F1DEB0EAA.EXE
Created files:
  %TEMP%\CSRSS.EXE
  %STARTUP%\0085004AD954D5AC3A3E310F1DEB0EAA.EXE
Detected by UnHackMe: 0085004AD954D5AC3A3E310F1DEB0EAA.EXE
DEFAULT LOCATION: %STARTUP%\0085004AD954D5AC3A3E310F1DEB0EAA.EXE
Dropper hash(md5): a6478a3b0a05cf85609f5464524f1375


Backdoor.W32.Androm!c

Backdoor.W32.Androm!c also known as Trojan.DownLoader12.29878, Trojan.MSIL.NanoCore, Trojan.GenericKD.3645268.
Malware Analysis of Backdoor.W32.Androm!c – BIOAP.EXE
Created files:
  %SYSDIR%\BIOAP\BIOAP.EXE
Autostart registry keys:
  HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VMware Tools: “”%Program Files%\VMware\VMware Tools\VMwareTray.exe””
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VMware User Process: “”%Program Files%\VMware\VMware Tools\vmtoolsd.exe” -n vmusr”
Detected by UnHackMe: BIOAP.EXE
Default location: %SYSDIR%\BIOAP\BIOAP.EXE
Dropper hash(md5): 0258431ea7704becac90b3ecef4a0db0


Backdoor.Win32.Androm.ldwo

Backdoor.Win32.Androm.ldwo also known as TROJ_GEN.R0EBC0DJS16, Trojan.Win32.Generic!BT, Trojan.GenericKD.3645268 (B).
Malware Analysis of Backdoor.Win32.Androm.ldwo – BIOAP.EXE
Created files:
  %SYSDIR%\BIOAP\BIOAP.EXE
Autostart registry keys:
  HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VMware Tools: “”%Program Files%\VMware\VMware Tools\VMwareTray.exe””
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VMware User Process: “”%Program Files%\VMware\VMware Tools\vmtoolsd.exe” -n vmusr”
Detected by UnHackMe: BIOAP.EXE
Default location: %SYSDIR%\BIOAP\BIOAP.EXE
Dropper hash(md5): 0258431ea7704becac90b3ecef4a0db0


Win32/Backdoor.195

Win32/Backdoor.195 also known as Backdoor.Androm!8.113-G7dMj3aIP1S (cloud), a variant of Win32/Injector.Autoit.COO, Win32:Malware-gen.
Malware Analysis of Win32/Backdoor.195 – BIOAP.EXE
Created files:
  %SYSDIR%\BIOAP\BIOAP.EXE
Autostart registry keys:
  HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VMware Tools: “”%Program Files%\VMware\VMware Tools\VMwareTray.exe””
  HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VMware User Process: “”%Program Files%\VMware\VMware Tools\vmtoolsd.exe” -n vmusr”
Detected by UnHackMe: BIOAP.EXE
Default location: %SYSDIR%\BIOAP\BIOAP.EXE
Dropper hash(md5): 0258431ea7704becac90b3ecef4a0db0


backdoor.win32.berbew.i

backdoor.win32.berbew.i also known as Ransom.Cerber, Win32.Trojan.Raasc.Auto, Trojan.Injector!j66Z1+qz3TA.
Malware Analysis of backdoor.win32.berbew.i – CRORES.DLL
Created files:
  %TEMP%\0D4B1D18\4EF4.TMP
  %TEMP%\0D4B1D18\7E83.TMP
  %TEMP%\CRORES.DLL
  %TEMP%\JOGDHARNA.CLP
  %TEMP%\NSGDA15.TMP\SYSTEM.DLL
Detected by UnHackMe: CRORES.DLL
DEFAULT LOCATION: %TEMP%\CRORES.DLL
Dropper hash(md5): 03da526863ed10b67e5bfc8eba2b1a5f

