SPOOLS.EXE – Trojan Downloader

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SPOOLS.EXE – Trojan Downloader removal

FileMD5Virus Alias
SPOOLS.EXE de488ab4dbdc1475fe08bc1a8fbf7b3c Trojan Downloader
SPOOLS.EXE de488ab4dbdc1475fe08bc1a8fbf7b3c Trojan Adload
SPOOLS.EXE de488ab4dbdc1475fe08bc1a8fbf7b3c Worm Autorun
SPOOLS.EXE de488ab4dbdc1475fe08bc1a8fbf7b3c Trojan Agent
SPOOLS.EXE de488ab4dbdc1475fe08bc1a8fbf7b3c Trojan Small
SPOOLS.EXE de488ab4dbdc1475fe08bc1a8fbf7b3c Trojan ZBot

SPOOLS.EXE size: 561714 bytes
SPOOLS.EXE hash: DE488AB4DBDC1475FE08BC1A8FBF7B3C

Created files:

%UserProfile%\cftmon.exe
%SysDir%\drivers\spools.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %WinDir%\System32\config\Systemprofile\cftmon.exe
HKLM\System\CurrentControlSet\Services\Schedule\ImagePath: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0064007200690076006500720073005C00730070006F006F006C0073002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %WinDir%\System32\config\Systemprofile\cftmon.exe

Detected by UnHackMe:

SPOOLS.EXE
Default location: %SYSDIR%\DRIVERS\SPOOLS.EXE

Dropper information:
MD5: 032ba8e4969c3122d67645f16d8880e9
File size: 534250 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images