sys32conf.exe – Backdoor Poison

sys32conf.exe – Backdoor Poison removal

File            Virus alias
sys32conf.exe   Backdoor Poison
sys32conf.exe   Trojan Downloader
sys32conf.exe   Trojan Agent
sys32conf.exe   Trojan Delf
sys32conf.exe   Trojan Generic

Created files:

%SysDir%\sys32conf\sys32conf.exe – Backdoor Poison

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit: %WinDir%\System32\userinit.exe,%WinDir%\System32\sys32conf\sys32conf.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\systm32config: %WinDir%\System32\sys32conf\sys32conf.exe

Detected by UnHackMe:

sys32conf.exe
Default location: %SysDir%\sys32conf\sys32conf.exe

Dropper information:
SHA256: 64a07905a2f55298a4ffeac21b58b7097c70b583f453d65b07ad73609f187229
SHA1: 5c7935d4ee54fe6527e645d3ef400d9daef736c5
MD5: f5c689cf6d4e8da7e6501de9e4befd4a
File size: 830464 bytes
