TUNNELIER.EXE – Trojan SuspiciousFile

TUNNELIER.EXE – Trojan SuspiciousFile removal

File: TUNNELIER.EXE
MD5: 61596401bc9ffcc4d13ad66c64eca2aa
Virus alias: Trojan SuspiciousFile

TUNNELIER.EXE size: 6296832 bytes
TUNNELIER.EXE hash: 61596401BC9FFCC4D13AD66C64ECA2AA

Created files:

%TEMP%\~sfx005A03C19D\configSSH\isat1.bscp
%TEMP%\~sfx005A03C19D\configSSH\isat2.bscp
%TEMP%\~sfx005A03C19D\configSSH\tunnelier.exe
%TEMP%\~sfx005A03C19D\Indosat.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\felix.conf
%TEMP%\~sfx005A03C19D\Proxifier PE\felixihik.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\Helper64.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\MSWINSCK.OCX
%TEMP%\~sfx005A03C19D\Proxifier PE\Profiles\Default.ppx
%TEMP%\~sfx005A03C19D\Proxifier PE\Profiles\isat.ppx
%TEMP%\~sfx005A03C19D\Proxifier PE\Proxifier.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\ProxyChecker.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\PrxDrvPE.dll
%TEMP%\~sfx005A03C19D\Proxifier PE\PrxDrvPE64.dll
%TEMP%\~sfx005A03C19D\whitefire.she

Detected by UnHackMe:

TUNNELIER.EXE
Default location: %TEMP%\~SFX005A03C19D\CONFIGSSH\TUNNELIER.EXE

Dropper information:
MD5: 1141a05c695833d2c9ed9cb65d3f8e5d
File size: 11948255 bytes
