SYSTEM32CRHG.007 – KeyLogger Ardamax


SYSTEM32CRHG.007 – KeyLogger Ardamax removal

File               MD5                                Virus Alias
SYSTEM32CRHG.007   e8155b68775ed29590e14df80fdc0e9f   KeyLogger Ardamax
SYSTEM32CRHG.007   e8155b68775ed29590e14df80fdc0e9f   Suspicious File

SYSTEM32CRHG.007 size: 5632 bytes
SYSTEM32CRHG.007 hash: E8155B68775ED29590E14DF80FDC0E9F

Created files:


Detected by UnHackMe:

SYSTEM32CRHG.007
Default location: %SYSDIR%CRHG.007

Dropper information:
MD5: 25bcd00e1df16b2d148713ddcdcdf70f
File size: 513795 bytes
