WINLOCKDLL.DLL – Trojan-Ransom Winlock

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

WINLOCKDLL.DLL – Trojan-Ransom Winlock removal

File MD5 Virus Alias
WINLOCKDLL.DLL b8e16a4652fd481433c9409bea9c5a9e Trojan-Ransom Winlock
WINLOCKDLL.DLL b8e16a4652fd481433c9409bea9c5a9e Worm AMN

WINLOCKDLL.DLL size: 57344 bytes
WINLOCKDLL.DLL hash: B8E16A4652FD481433C9409BEA9C5A9E

Created files:

%TEMP%\IXP000.TMP\AddToTrustedSite.exe
%TEMP%\IXP000.TMP\EBWebOffice.ocx
%TEMP%\IXP000.TMP\eWebEditorClient.dll
%TEMP%\IXP000.TMP\NewvCommon.ocx
%TEMP%\IXP000.TMP\NewvRecorder.ocx
%TEMP%\IXP000.TMP\WinLockDll.dll

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 “%TEMP%\IXP000.TMP\”

Detected by UnHackMe:

WINLOCKDLL.DLL
Default location: %TEMP%\IXP000.TMP\WINLOCKDLL.DLL

Dropper information:
MD5: c99082486af9ad80467e3a1648834003
File size: 678872 bytes

Leave a Reply