Artemis!3BC6F91EE327 also known as TR/Kilim.C.3, Win32.Troj.Undef.(kcloud). Malware Analysis of Artemis!3BC6F91EE327 Created files: %Local Appdata%GoogleChromeUser DataDefaultExtension Rules00003.log %Local Appdata%GoogleChromeUser DataDefaultExtension RulesCURRENT %Local Appdata%GoogleChromeUser DataDefaultExtension RulesLOCK %Local Appdata%GoogleChromeUser DataDefaultExtension RulesLOG %Local Appdata%GoogleChromeUser DataDefaultExtension RulesMANIFEST-000002 %Local Appdata%GoogleChromeUser DataDefaultPreferences.bad %WinDir%FlashTopiaFlashMedia.exe %WinDir%FlashTopiaPref2.dat Detected by UnHackMe: FLASHMEDIA.EXE Default location: %WinDir%FLASHTOPIAFLASHMEDIA.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with…

Continue reading →

TR/Kilim.C.3 also known as Trojan.Agent.AI, W32/AutoHK.F!tr.dldr, Win32.Troj.Undef.(kcloud). Malware Analysis of TR/Kilim.C.3 Created files: %Local Appdata%GoogleChromeUser DataDefaultExtension Rules00003.log %Local Appdata%GoogleChromeUser DataDefaultExtension RulesCURRENT %Local Appdata%GoogleChromeUser DataDefaultExtension RulesLOCK %Local Appdata%GoogleChromeUser DataDefaultExtension RulesLOG %Local Appdata%GoogleChromeUser DataDefaultExtension RulesMANIFEST-000002 %Local Appdata%GoogleChromeUser DataDefaultPreferences.bad %WinDir%FlashTopiaFlashMedia.exe %WinDir%FlashTopiaPref2.dat Detected by UnHackMe: FLASHMEDIA.EXE Default location: %WinDir%FLASHTOPIAFLASHMEDIA.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible…

Continue reading →

W32/AutoHK.F!tr.dldr also known as Generic8_c.BOSH, Trojan/Win32.Generic, Win32.Troj.Undef.(kcloud). Malware Analysis of W32/AutoHK.F!tr.dldr Created files: %Local Appdata%GoogleChromeUser DataDefaultExtension Rules00003.log %Local Appdata%GoogleChromeUser DataDefaultExtension RulesCURRENT %Local Appdata%GoogleChromeUser DataDefaultExtension RulesLOCK %Local Appdata%GoogleChromeUser DataDefaultExtension RulesLOG %Local Appdata%GoogleChromeUser DataDefaultExtension RulesMANIFEST-000002 %Local Appdata%GoogleChromeUser DataDefaultPreferences.bad %WinDir%FlashTopiaFlashMedia.exe %WinDir%FlashTopiaPref2.dat Detected by UnHackMe: FLASHMEDIA.EXE Default location: %WinDir%FLASHTOPIAFLASHMEDIA.EXE UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible…

Continue reading →

RDN/Generic.dx!cmr also known as TR/Tarcloin.G.124, TROJ_GEN.R0CBC0EGL13, Generic33.CERV. Malware Analysis of RDN/Generic.dx!cmr Created files: %Appdata%API.class %Appdata%cgminer.conf %Appdata%diablo130302.cl %Appdata%diakgcn121016.cl %Appdata%dllhost.exe %Appdata%dllhost2.exe %Appdata%libcurl.dll %Appdata%libeay32.dll %Appdata%libidn-11.dll %Appdata%librtmp.dll %Appdata%libssh2.dll %Appdata%libusb-1.0.dll %Appdata%lkfjl23j.db %Appdata%mainer_run.exe %Appdata%Mozilla Firefox.lnk %Appdata%phatk121016.cl %Appdata%phatk121016Turksv2w128l4.bin %Appdata%poclbm130302.cl %Appdata%poclbm130302GeForce GTS 250v1w256l4.bin %Appdata%poclbm130302Intel(R) HD Graphics 4000gv1w256l4.bin %Appdata%rundll32.exe %Appdata%scrypt130302.cl %Appdata%ssleay32.dll %Appdata%subid.dll %Appdata%svchost.exe %Appdata%tmp.vbs %Appdata%unzipme_miner-files.zip %Appdata%zlib1.dll %Temp%Temporary Directory 1 for unzipme_miner-files.zipAPI.class %Temp%Temporary Directory 1…

Continue reading →

Win32/Shorm also known as Troj/Miner-O, RDN/Generic.dx!cmr, W32/Kryptik.BFQM. Malware Analysis of Win32/Shorm Created files: %Appdata%API.class %Appdata%cgminer.conf %Appdata%diablo130302.cl %Appdata%diakgcn121016.cl %Appdata%dllhost.exe %Appdata%dllhost2.exe %Appdata%libcurl.dll %Appdata%libeay32.dll %Appdata%libidn-11.dll %Appdata%librtmp.dll %Appdata%libssh2.dll %Appdata%libusb-1.0.dll %Appdata%lkfjl23j.db %Appdata%mainer_run.exe %Appdata%Mozilla Firefox.lnk %Appdata%phatk121016.cl %Appdata%phatk121016Turksv2w128l4.bin %Appdata%poclbm130302.cl %Appdata%poclbm130302GeForce GTS 250v1w256l4.bin %Appdata%poclbm130302Intel(R) HD Graphics 4000gv1w256l4.bin %Appdata%rundll32.exe %Appdata%scrypt130302.cl %Appdata%ssleay32.dll %Appdata%subid.dll %Appdata%svchost.exe %Appdata%tmp.vbs %Appdata%unzipme_miner-files.zip %Appdata%zlib1.dll %Temp%Temporary Directory 1 for unzipme_miner-files.zipAPI.class %Temp%Temporary Directory 1…

Continue reading →