FAAZHRQMDT.EXE – Trojan-Ransom Winlock

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

FAAZHRQMDT.EXE – Trojan-Ransom Winlock removal

File MD5 Virus Alias
FAAZHRQMDT.EXE 25f18024f87d0b775eb8e424474f76f2 Trojan-Ransom Winlock
FAAZHRQMDT.EXE 25f18024f87d0b775eb8e424474f76f2 Trojan CI
FAAZHRQMDT.EXE 25f18024f87d0b775eb8e424474f76f2 Trojan Agent
FAAZHRQMDT.EXE 25f18024f87d0b775eb8e424474f76f2 Trojan ZBot
FAAZHRQMDT.EXE 25f18024f87d0b775eb8e424474f76f2 Trojan Kryptik
FAAZHRQMDT.EXE 25f18024f87d0b775eb8e424474f76f2 Trojan Crypt

FAAZHRQMDT.EXE size: 188216 bytes
FAAZHRQMDT.EXE hash: 25F18024F87D0B775EB8E424474F76F2

Created files:

%UserProfile%\Local Settings\Application Data\faazhrqmdt.exe
%Common AppData%\faazhrqmdt.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell: Explorer.exe, %Common AppData%\faazhrqmdt

Detected by UnHackMe:

FAAZHRQMDT.EXE
Default location: %LOCAL APPDATA%\FAAZHRQMDT.EXE

Dropper information:
MD5: 25f18024f87d0b775eb8e424474f76f2
File size: 188216 bytes

Leave a Reply