DOOM.EXE – Trojan Binder

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

DOOM.EXE – Trojan Binder removal

FileVirus Alias
DOOM.EXE Trojan Binder
DOOM.EXE Trojan Downloader.Generic
DOOM.EXE Trojan Delf
DOOM.EXE Backdoor RBot
DOOM.EXE Trojan Small
DOOM.EXE Trojan ZBot

Created files:

%Program Files Common%\System\rtproc32.exe – Trojan Binder
%SysDir%\ghsvc.exe – Trojan Binder
%WinDir%\TEMP\DOOM.EXE – Trojan Binder
%WinDir%\TEMP\GHSVC.EXE – Trojan Binder
%WinDir%\TEMP\RTPROC32.EXE – Trojan Binder

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Runtime Process for Win32 Services: %Program Files Common%\System\rtproc32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Generic Host Process for Win32 Services: ghsvc.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\Generic Host Process for Win32 Services: ghsvc.exe

Detected by UnHackMe:

DOOM.EXE
Default location: %WinDir%\TEMP\DOOM.EXE

Dropper information:
SHA256: b973d265b05b1b06799863e5418b534bea5652ede6642129868037ec94aeae2f
SHA1: ec622d1f1c6276216c249173ecec4a9fff42094c
MD5: 67cee1130eb7c5eae1958b52e2fef7c2
File size: 199168 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images