Backdoor Nitol – hra33.dll – 2d53ee91ed80e8a5a0134a7b7bc8097c

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

Backdoor Nitol
Also known as: Trojan Scar, Trojan Agent
SHA256: 88127c1ca940b5e087cb124f942761bffdefe2c73e4574570f1f914224083cf2
SHA1: a8df996004f0bae739b8d1a15a8fcc1d868d34e2
MD5: 2d53ee91ed80e8a5a0134a7b7bc8097c
File size: 35328 bytes

Created files:

%SysDir%\hra33.dll – Backdoor Nitol
%SysDir%\waqkws.exe – Backdoor Nitol

Backdoor Nitol created autostart registry keys:

HKLM\System\CurrentControlSet\Services\MediaCenterplf\Type: 10000000
HKLM\System\CurrentControlSet\Services\MediaCenterplf\Start: 02000000
HKLM\System\CurrentControlSet\Services\MediaCenterplf\DisplayName: MS Driver Servcice Centerlwb.
HKLM\System\CurrentControlSet\Services\MediaCenterplf\ImagePath: %WinDir%\System32\waqkws.exe
HKLM\System\CurrentControlSet\Services\MediaCenterplf\Description: Provides support for driver Software. This service can’t be stopedgbc

Leave a Reply