LOVE.EXE – Trojan Delf

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

LOVE.EXE – Trojan Delf removal

FileMD5Virus Alias
LOVE.EXE 8fdcdcfb24f7ca8ab2b4a02eb591c46d Trojan Delf
LOVE.EXE 8fdcdcfb24f7ca8ab2b4a02eb591c46d Trojan PAK_Generic
LOVE.EXE 8fdcdcfb24f7ca8ab2b4a02eb591c46d Trojan SuspiciousFile
LOVE.EXE 8fdcdcfb24f7ca8ab2b4a02eb591c46d Trojan Generic
LOVE.EXE 8fdcdcfb24f7ca8ab2b4a02eb591c46d Backdoor Pigeon
LOVE.EXE 8fdcdcfb24f7ca8ab2b4a02eb591c46d Trojan Downloader

LOVE.EXE size: 184368 bytes
LOVE.EXE hash: 8FDCDCFB24F7CA8AB2B4A02EB591C46D

Created files:

%WinDir%\love.exe
%WinDir%\sys.exe
%SysDir%\love.exe
%SysDir%\LOVEHKS.DLL
%TEMP%\tmp2B.exe
%TEMP%\tmp2D.exe
%TEMP%\tmp2F.exe
%WinDir%\wint.DLL
%WinDir%\wint.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\LOVE_SERVICE\Type: 10010000
HKLM\System\CurrentControlSet\Services\LOVE_SERVICE\Start: 02000000
HKLM\System\CurrentControlSet\Services\LOVE_SERVICE\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\LOVE_SERVICE\DisplayName: LOVE Service
HKLM\System\CurrentControlSet\Services\LOVE_SERVICE\ImagePath: “%WinDir%\System32\love.exe” /service
HKLM\System\CurrentControlSet\Services\wint\Type: 10010000
HKLM\System\CurrentControlSet\Services\wint\Start: 02000000
HKLM\System\CurrentControlSet\Services\wint\DisplayName: win_t
HKLM\System\CurrentControlSet\Services\wint\ImagePath: %WinDir%\wint.exe

Detected by UnHackMe:

LOVE.EXE
Default location: %SYSDIR%\LOVE.EXE

Dropper information:
MD5: 217ba9217d5e110b6ca9a1f5830e4448
File size: 600148 bytes

Leave a Reply