KAZWITK.DLL – Backdoor Koutodoor

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

KAZWITK.DLL – Backdoor Koutodoor removal

FileMD5Virus Alias
KAZWITK.DLL 03849715ced2d792a211a6d04414f64b Backdoor Koutodoor
KAZWITK.DLL 03849715ced2d792a211a6d04414f64b Trojan Generic
KAZWITK.DLL 03849715ced2d792a211a6d04414f64b Trojan Eldorado
KAZWITK.DLL 03849715ced2d792a211a6d04414f64b Trojan Adload
KAZWITK.DLL 03849715ced2d792a211a6d04414f64b Trojan StartPage

KAZWITK.DLL size: 61440 bytes
KAZWITK.DLL hash: 03849715CED2D792A211A6D04414F64B

Created files:

%SysDir%\drivers\xfl.sys
%SysDir%\kazwitk.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\xfl\Type: 01000000
HKLM\System\CurrentControlSet\Services\xfl\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\xfl\DisplayName: xfl
HKLM\System\CurrentControlSet\Services\xfl\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C00780066006C002E007300790073000000

Detected by UnHackMe:

KAZWITK.DLL
Default location: %SYSDIR%\KAZWITK.DLL

Dropper information:
MD5: 040d5b723da32242df6ff9a2603ae71a
File size: 151536 bytes

Leave a Reply