BRTXEJJTWR4.exe – Worm AMN

Worm No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

BRTXEJJTWR4.exe – Worm AMN removal

FileVirus Alias
BRTXEJJTWR4.exe Worm AMN
BRTXEJJTWR4.exe Trojan Downloader.Generic
BRTXEJJTWR4.exe Trojan Crypt
BRTXEJJTWR4.exe Trojan Agent
BRTXEJJTWR4.exe Trojan CI
BRTXEJJTWR4.exe Trojan Buzus

Created files:

%AppData%\BRTXEJJTWR4.exe – Worm AMN
%Temp%\sample.exe – Worm AMN

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{1DDBA29E-A8AF-35CF-DE19-391CD9BBEEBE}\StubPath: %AppData%\BRTXEJJTWR4.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\java: %AppData%\BRTXEJJTWR4.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\java: %AppData%\BRTXEJJTWR4.exe
HKCU\Software\Microsoft\Active Setup\Installed Components\{1DDBA29E-A8AF-35CF-DE19-391CD9BBEEBE}\StubPath: %AppData%\BRTXEJJTWR4.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run :
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\java: %AppData%\BRTXEJJTWR4.exe

Detected by UnHackMe:

BRTXEJJTWR4.exe
Default location: %AppData%\BRTXEJJTWR4.exe
Dropper information:
SHA256: c29bea0e5340de0298b35cba25fadf89f7a39d6dc455d3768e915d5b28f789bc
SHA1: aafa3c7e1fbad20fe9e87a20dc1f0bf0c187eac3
MD5: a30ae3f989900c74dad60bc859179f47
File size: 236832 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images