Worm Vobfus – smss.exe – 0a938d8c3664b3b67a9b1a05fa6caa70

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

Worm Vobfus
Also known as: Trojan Agent, Trojan Refroso
SHA256: efb173125aed8cbd7b4c156bb865f31bde53ee02b3ae1710160f45fc1b1e0f3b
SHA1: 1db56ad79826cff161e7c3d75afb2db2d6a55c5f
MD5: 0a938d8c3664b3b67a9b1a05fa6caa70
File size: 417792 bytes

Created files:

%SysDir%\smss\smss.exe – Worm Vobfus

Worm Vobfus created autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{IW1M6YY7-T5YY-E578-OQEF-2OWFG1345O6J}\StubPath: %WinDir%\System32\smss\smss.exe Restart
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0073006D00730073005C0073006D00730073002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HKLM: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0073006D00730073005C0073006D00730073002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0073006D00730073005C0073006D00730073002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0073006D00730073005C0073006D00730073002E006500780065000000

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images