BehavesLike.Win32.Comame.hc


BehavesLike.Win32.Comame.hc is also known as Worm/Win32.Agent.cp, W32/Generic.worm.f, Worm.Win32.Agent.b.

Malware Analysis of BehavesLike.Win32.Comame.hc – AFRICAN KICKING ANIMAL [FREE] FEET WIFEY .RAR.EXE

Created files:

%Appdata%\Adobe\Shockwave Player 11\xtras\download\chinese cumshot hardcore [free] traffic .zip.exe
%Appdata%\Macromedia\Flash Player\#SharedObjects\porn sperm hot (!) .rar.exe
%Appdata%\Sun\Java\Deployment\tmp\african kicking animal [free] feet wifey .rar.exe
%Local Appdata%\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\hardcore xxx several models titts bedroom .mpg.exe
%Temp%\CR_EAD00.tmp\french nude [free] .zip.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\mssrv32

Detected by UnHackMe:

AFRICAN KICKING ANIMAL [FREE] FEET WIFEY .RAR.EXE
Default location: %APPDATA%\SUN\JAVA\DEPLOYMENT\TMP\AFRICAN KICKING ANIMAL [FREE] FEET WIFEY .RAR.EXE

Dropper hash(md5): 95d338ffeb6c286db6c6f2585ada08e9

Written by Malware Hunter.
