Spyware/Win32.Zbot.R71682
Spyware/Win32.Zbot.R71682 also known as Win32.Trojan.WisdomEyes.151026.9950.9999, Trj/Genetic.gen, Packed.Generic.402.

Malware Analysis of Spyware/Win32.Zbot.R71682 – EHELS.EXE

Created files:
%LOCAL APPDATA%\MICROSOFT\WINDOWS MAIL\TMP.EDB
%TEMP%\PPCRLUI_4000_2
%APPDATA%\URJAD\EHELS.EXE

Autostart registry keys:
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\EHELS: “%APPDATA%\URJAD\EHELS.EXE”

Detected by UnHackMe:
EHELS.EXE
Default location: %APPDATA%\URJAD\EHELS.EXE

Dropper hash (MD5): c7bdd1334c20cd73e23a8be62f44c3a0

UnHackMe removes malware invisible for your antivirus! UnHackMe is compatible with most antivirus software. UnHackMe is 100% CLEAN, which means…