Trojan Banload – dsua.exe – a57464d62317c0d965752a9342abce2e

Trojan Banload
Also known as: Trojan Generic, Trojan CI
SHA256: 692d55bc6378126dcbed2dd5d889e87482ca064fc64b0322aef1a61eca067d7b
SHA1: 4c2034637201f1d562d6348f79f6bf7f2ba09e38
MD5: a57464d62317c0d965752a9342abce2e
File size: 483840 bytes

Created files:

%Personal%\cadefcad\dsua.exe – Trojan Banload
%Personal%\cadefcad\Firewall_Windows.exe – Trojan Banload
%Personal%\cadefcad\icudt.dll – Trojan Banload
%Personal%\cadefcad\libcef.dll – Trojan Banload
%Personal%\cadefcad\winupdate.exe – Trojan Banload
%Personal%\cadefcad\wqmgr.exe – Trojan Banload

Trojan Banload created autostart registry keys:

HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\wqmgr.exe: %Personal%\cadefcad\wqmgr.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\svhost.exe: %Personal%\cadefcad\svhost.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\pvchost.exe: %Personal%\cadefcad\pvchost.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\winupdate.exe: %Personal%\cadefcad\winupdate.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\RUN\dsbua.exe: %Personal%\cadefcad\dsbua.exe
user\S-1-5-21-15044950-4219544130-4274662314-1000\Software\Classes\Applications\inicio.exe\TaskbarGroupIcon: 43003A005C004100720071007500690076006F0073002000640065002000700072006F006700720061006D0073005C004100560047005C00410056004700310030005C00610076006700750069007200650073002E0064006C006C002C002D003100320038000000
user\S-1-5-21-15044950-4219544130-4274662314-1000\Software\Classes\Applications\Nicrosoft.exe\TaskbarGroupIcon: 43003A005C004100720071007500690076006F0073002000640065002000700072006F006700720061006D0073005C004100560047005C00410056004700310030005C00610076006700750069007200650073002E0064006C006C002C002D003100320038000000
user\S-1-5-21-15044950-4219544130-4274662314-1000\Software\Classes\Applications\regss.exe\TaskbarGroupIcon: 43003A005C004100720071007500690076006F0073002000640065002000700072006F006700720061006D0073005C004100560047005C00410056004700310030005C00610076006700750069007200650073002E0064006C006C002C002D003100320038000000
