Backdoor.Win32.Androm.kxzd
Backdoor.Win32.Androm.kxzd also known as TROJ_GEN.R072C0DJ516, Trojan[Backdoor]/Win32.Androm, Gen:Variant.MSILPerseus.54778.

Malware Analysis of Backdoor.Win32.Androm.kxzd – RYJRVOLP.EXE

Created files:
%APPDATA%\PICS.RAR
%APPDATA%\QILXZCTHB\RYJRVOLP.EXE

Autostart registry keys:
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\RYJRVOLP: "%APPDATA%\QILXZCTHB\RYJRVOLP.EXE"

Detected by UnHackMe:
RYJRVOLP.EXE
Default location: %APPDATA%\QILXZCTHB\RYJRVOLP.EXE

Dropper hash (MD5): fbd01573c5f69e8be7e80123f8646fef

UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not…