RootKit.Win32.Fednu.w
RootKit.Win32.Fednu.w also known as W32/Koutodoor.A!tr.rkit, RTKT_KTDOOR.SMIB.

Malware Analysis of RootKit.Win32.Fednu.w – VIWE.SYS

Created files:
%Temp%\jatjoxn.bat
%Temp%\jqapbk.exe
%SysDir%\drivers\viwe.sys
%SysDir%\xscf.dll

Autostart registry keys:
HKLM\System\CurrentControlSet\Services\viw\ImagePath: “system32\drivers\viwe.sys”
HKLM\System\CurrentControlSet\Services\viw\DisplayName: “viw”

Detected by UnHackMe: VIWE.SYS
Default location: %SYSDIR%\DRIVERS\VIWE.SYS
Dropper hash (md5): d851ec5f3870a751c6442f9561892c92

UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…