Worm/W32.AutoRun.524892
Worm/W32.AutoRun.524892 also known as Trojan.Agent/Gen-Frauder[WinWord], Worm.Yuner!OOwCwIXRc+0, Worm/Win32.Hybris.R3751. Malware Analysis of Worm/W32.AutoRun.524892 – KUQAQTQY.EXE Created files: %WINDIR%\MYDOC.RTF %APPDATA%\MICROSOFT\PROTECT\S-1-5-21-2250177403-3231077850-1239169437-1002\E0F98D70-7096-4DE5-97D5-42A5628D512F %SYSDIR%\KUQAQTQY.EXE %SYSDIR%\NBFVVLQSAWEMZ.EXE %SYSDIR%\SHGOVLNAWT.EXE Detected by UnHackMe: KUQAQTQY.EXE Default location: %SYSDIR%\KUQAQTQY.EXE Dropper hash(md5): 0007106c237e8689cc68b5111db1a174 UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means it does not contain any…