PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE – Trojan Bumat


PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE – Trojan Bumat removal

File | MD5 | Virus Alias
PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE | e5a5467dce541ce3b9895fdc31cb075c | Trojan Bumat
PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE | e5a5467dce541ce3b9895fdc31cb075c | Trojan Generic
PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE | e5a5467dce541ce3b9895fdc31cb075c | Trojan Chifrax
PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE | e5a5467dce541ce3b9895fdc31cb075c | Trojan Eldorado
PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE | e5a5467dce541ce3b9895fdc31cb075c | Trojan CI
PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE | e5a5467dce541ce3b9895fdc31cb075c | Trojan Agent

PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE size: 781434 bytes
PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE hash: E5A5467DCE541CE3B9895FDC31CB075C

Created files:

%Program Files%\Gixz\Hpirh.exe
%Program Files%\Gixz\Muwex.exe
%Program Files%\Gixz\Rffu\Omnge.dll
%TEMP%\g89\Password.Recovery.Bundle.2008.v1.0.Incl.Keygen-ViRiLiTY.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Gixz\Muwex.exe

Detected by UnHackMe:

PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE
Default location: %TEMP%\G89\PASSWORD.RECOVERY.BUNDLE.2008.V1.0.INCL.KEYGEN-VIRILITY.EXE

Dropper information:
MD5: 09751cd87cb38f7ce0053e29a3625a78
File size: 2726169 bytes
