FELIXIHIK.EXE – Trojan Artemis

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

FELIXIHIK.EXE – Trojan Artemis removal

FileMD5Virus Alias
FELIXIHIK.EXE b4f1a632d7d93a44d55fab43301fac06 Trojan Artemis
FELIXIHIK.EXE b4f1a632d7d93a44d55fab43301fac06 Trojan Win32-Spy
FELIXIHIK.EXE b4f1a632d7d93a44d55fab43301fac06 Trojan CI
FELIXIHIK.EXE b4f1a632d7d93a44d55fab43301fac06 Trojan Crypt

FELIXIHIK.EXE size: 28672 bytes
FELIXIHIK.EXE hash: B4F1A632D7D93A44D55FAB43301FAC06

Created files:

%TEMP%\~sfx005A03C19D\configSSH\isat1.bscp
%TEMP%\~sfx005A03C19D\configSSH\isat2.bscp
%TEMP%\~sfx005A03C19D\configSSH\tunnelier.exe
%TEMP%\~sfx005A03C19D\Indosat.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\felix.conf
%TEMP%\~sfx005A03C19D\Proxifier PE\felixihik.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\Helper64.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\MSWINSCK.OCX
%TEMP%\~sfx005A03C19D\Proxifier PE\Profiles\Default.ppx
%TEMP%\~sfx005A03C19D\Proxifier PE\Profiles\isat.ppx
%TEMP%\~sfx005A03C19D\Proxifier PE\Proxifier.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\ProxyChecker.exe
%TEMP%\~sfx005A03C19D\Proxifier PE\PrxDrvPE.dll
%TEMP%\~sfx005A03C19D\Proxifier PE\PrxDrvPE64.dll
%TEMP%\~sfx005A03C19D\whitefire.she

Detected by UnHackMe:

FELIXIHIK.EXE
Default location: %TEMP%\~SFX005A03C19D\PROXIFIER PE\FELIXIHIK.EXE

Dropper information:
MD5: 1141a05c695833d2c9ed9cb65d3f8e5d
File size: 11948255 bytes

Leave a Reply