SS.EXE – Trojan Barys

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

SS.EXE – Trojan Barys removal

File MD5 Virus Alias
SS.EXE 2829cb96c4c3bae7d9b2812b8afda8de Trojan Barys
SS.EXE 2829cb96c4c3bae7d9b2812b8afda8de Trojan Generic
SS.EXE 2829cb96c4c3bae7d9b2812b8afda8de Trojan Agent
SS.EXE 2829cb96c4c3bae7d9b2812b8afda8de Trojan Jorik

SS.EXE size: 25088 bytes
SS.EXE hash: 2829CB96C4C3BAE7D9B2812B8AFDA8DE

Created files:

%UserProfile%\ss.exe
%UserProfile%\winlogon.exe
%SysDir%\crrss.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\crrss: %WinDir%\System32\crrss.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,%WinDir%\System32\crrss.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\winlogon: %WinDir%\System32\config\Systemprofile\winlogon.exe
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell: explorer.exe “%WinDir%\System32\config\Systemprofile\winlogon.exe”

Detected by UnHackMe:

SS.EXE
Default location: %USERPROFILE%\SS.EXE

Dropper information:
MD5: 9122cf2a819f037f679b1c43955bd3a7
File size: 44032 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images