HMXZOSYC.EXE – Trojan Androm

November 7, 2013

Alex NightWatcher

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

HMXZOSYC.EXE – Trojan Androm removal

File	MD5	Virus Alias
HMXZOSYC.EXE	5acbf5909ac11f6c17dea38631277360	Trojan Androm
HMXZOSYC.EXE	5acbf5909ac11f6c17dea38631277360	Trojan Ransom
HMXZOSYC.EXE	5acbf5909ac11f6c17dea38631277360	Trojan Generic
HMXZOSYC.EXE	5acbf5909ac11f6c17dea38631277360	Trojan Graftor
HMXZOSYC.EXE	5acbf5909ac11f6c17dea38631277360	Adware InstallCore
HMXZOSYC.EXE	5acbf5909ac11f6c17dea38631277360	Trojan Agent

HMXZOSYC.EXE size: 190464 bytes
HMXZOSYC.EXE hash: 5ACBF5909AC11F6C17DEA38631277360

Created files:

%Program Files%\Internet Explorer\hMxzOsYc.exe
%Local AppData%\Microsoft\BovXdYyO.exe
%SysDir%\config\systemprofile\Start Menu\Programs\Startup\sdmmVYnN.exe
%TEMP%\OLCjeUbW.exe
%AppData%\Microsoft\Crypto\RSA\S-1-5-21-515967899-854245398-1708537768-1003\655a7350831c302c746f72e92c1ab924_78de4566-a5cc-4192-bf8d-014e0d2bd235

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit: %WinDir%\System32\userinit.exe,,%Program Files%\Internet Explorer\hMxzOsYc.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AkjsDDLS: %WinDir%\System32\config\Systemprofile\Local Settings\Application Data\Microsoft\BovXdYyO.exe

Detected by UnHackMe:

HMXZOSYC.EXE
Default location: %PROGRAM FILES%\INTERNET EXPLORER\HMXZOSYC.EXE

Dropper information:
MD5: 5acbf5909ac11f6c17dea38631277360
File size: 190464 bytes

Leave a Reply Cancel reply

You must be logged in to post a comment.