DBSOFT.DLL – Backdoor Hupigon

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

DBSOFT.DLL – Backdoor Hupigon removal

FileMD5Virus Alias
DBSOFT.DLL 2fefa90be80337deaaec147410418302 Backdoor Hupigon
DBSOFT.DLL 2fefa90be80337deaaec147410418302 Trojan SuspiciousFile
DBSOFT.DLL 2fefa90be80337deaaec147410418302 Trojan Downloader
DBSOFT.DLL 2fefa90be80337deaaec147410418302 Trojan CI
DBSOFT.DLL 2fefa90be80337deaaec147410418302 Trojan Vundo
DBSOFT.DLL 2fefa90be80337deaaec147410418302 Trojan Agent

DBSOFT.DLL size: 597543 bytes
DBSOFT.DLL hash: 2FEFA90BE80337DEAAEC147410418302

Created files:

%AppData%\mymacro\qdisp.dll
%TEMP%\cfgdll.dll
%TEMP%\plugin\BGKMS4_02.DLL
%TEMP%\plugin\BKGND.DLL
%TEMP%\plugin\DBSOFT.DLL
%TEMP%\plugin\FILE.DLL
%TEMP%\plugin\MEDIA.DLL
%TEMP%\plugin\MEMORY.DLL
%TEMP%\plugin\MSG.DLL
%TEMP%\plugin\REGDLL.DLL
%TEMP%\plugin\SYS.DLL
%TEMP%\plugin\WINDOW.DLL
%TEMP%\plugin\WNDEX6.DLL
%TEMP%\~GM20C.exe

Autostart registry keys:

HKLM\Software\Classes\CLSID\{241D7F03-9232-4024-8373-149860BE27C0}\InProcServer32 : %WinDir%\System32\config\SYSTEM~1\APPLIC~1\mymacro\qdisp.dll
HKLM\Software\Classes\CLSID\{C07DB6A3-34FC-4084-BE2E-76BB9203B049}\InProcServer32 : %WinDir%\System32\config\SYSTEM~1\APPLIC~1\mymacro\qdisp.dll
HKLM\Software\Classes\CLSID\{EBEB87A6-E151-4054-AB45-A6E094C5334B}\InProcServer32 : %WinDir%\System32\config\SYSTEM~1\APPLIC~1\mymacro\qdisp.dll

Detected by UnHackMe:

DBSOFT.DLL
Default location: %TEMP%\PLUGIN\DBSOFT.DLL

Dropper information:
MD5: ea971bcc8dfa7b223712db2c2afd3bfd
File size: 9383307 bytes

Leave a Reply