VNIKW.DLL – Backdoor Hupigon

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

VNIKW.DLL – Backdoor Hupigon removal

FileMD5Virus Alias
VNIKW.DLL aae28b79cefbc5d8f447dd815e20ee6c Backdoor Hupigon
VNIKW.DLL aae28b79cefbc5d8f447dd815e20ee6c Trojan Generic
VNIKW.DLL aae28b79cefbc5d8f447dd815e20ee6c Trojan Eldorado
VNIKW.DLL aae28b79cefbc5d8f447dd815e20ee6c Backdoor Pigeon
VNIKW.DLL aae28b79cefbc5d8f447dd815e20ee6c Trojan Agent
VNIKW.DLL aae28b79cefbc5d8f447dd815e20ee6c Trojan Delf

VNIKW.DLL size: 872596 bytes
VNIKW.DLL hash: AAE28B79CEFBC5D8F447DD815E20EE6C

Created files:

%Program Files%\Urtr\Aalz.exe
%Program Files%\Urtr\Ihxib.exe
%Program Files%\Urtr\Ipan\Vnikw.dll
%TEMP%\g8139\Kaskade.v1.0.9.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Urtr\Ihxib.exe

Detected by UnHackMe:

VNIKW.DLL
Default location: %PROGRAM FILES%\URTR\IPAN\VNIKW.DLL

Dropper information:
MD5: dc093c7b1ffdb6e1a8ba65c310cb8966
File size: 3965786 bytes

Leave a Reply