EVPN.006 – KeyLogger Ardamax


EVPN.006 – KeyLogger Ardamax removal

File MD5 Virus Alias
EVPN.006 911a5a213762001178a48b2ceefa1880 KeyLogger Ardamax
EVPN.006 911a5a213762001178a48b2ceefa1880 Trojan UnwantedProgram
EVPN.006 911a5a213762001178a48b2ceefa1880 Trojan Eldorado
EVPN.006 911a5a213762001178a48b2ceefa1880 Trojan Downloader
EVPN.006 911a5a213762001178a48b2ceefa1880 Trojan Agent
EVPN.006 911a5a213762001178a48b2ceefa1880 Backdoor Bifrose

EVPN.006 size: 8192 bytes
EVPN.006 hash: 911A5A213762001178A48B2CEEFA1880

Created files:

%SysDir%\28463\AKV.exe
%SysDir%\28463\EVPN.001
%SysDir%\28463\EVPN.002
%SysDir%\28463\EVPN.006
%SysDir%\28463\EVPN.007
%SysDir%\28463\EVPN.exe
%Temp%\Necroxia Origin.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\EVPN Agent: %WinDir%\System32\28463\EVPN.exe

Detected by UnHackMe:

EVPN.006
Default location: %SYSDIR%\28463\EVPN.006

Dropper information:
MD5: 7c6bd8c08a5d3fcd3213c86e2655b91b
File size: 1974419 bytes
