Win.Worm.Agent-52670


Win.Worm.Agent-52670 is also known as Riskware ( 0040eff71 ), Generic.Malware.SP!VPk!prn.54B2F32F, BehavesLike.Win32.Backdoor.cc.

Malware Analysis of Win.Worm.Agent-52670 – SWEDISH TRAMBLING CUMSHOT MASTURBATION ASH CIRCUMCISION .RAR.EXE

Created files:

%WinDir%\mssrv.exe
C:\debug.txt
%Appdata%\Adobe\Shockwave Player 11\xtras\download\swedish trambling cumshot masturbation ash circumcision .rar.exe
%Appdata%\Macromedia\Flash Player\#SharedObjects\french gang bang full movie .avi.exe
%Appdata%\Sun\Java\Deployment\tmp\swedish horse blowjob public (Melissa).zip.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\mssrv32

Detected by UnHackMe:

SWEDISH TRAMBLING CUMSHOT MASTURBATION ASH CIRCUMCISION .RAR.EXE
Default location: %APPDATA%\ADOBE\SHOCKWAVE PLAYER 11\XTRAS\DOWNLOAD\SWEDISH TRAMBLING CUMSHOT MASTURBATION ASH CIRCUMCISION .RAR.EXE

Dropper hash(md5): 342892facc29a5698ff955e3a77dd0fa

Written by Malware Hunter.
