WWGQWW.EXE – Backdoor Nitol

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

WWGQWW.EXE – Backdoor Nitol removal

FileMD5Virus Alias
WWGQWW.EXE 048715494f73b12935a8d5f0fb1fb17f Backdoor Nitol
WWGQWW.EXE 048715494f73b12935a8d5f0fb1fb17f Trojan Generic
WWGQWW.EXE 048715494f73b12935a8d5f0fb1fb17f Trojan Eldorado
WWGQWW.EXE 048715494f73b12935a8d5f0fb1fb17f Trojan Downloader
WWGQWW.EXE 048715494f73b12935a8d5f0fb1fb17f Trojan Graftor
WWGQWW.EXE 048715494f73b12935a8d5f0fb1fb17f Trojan Agent

WWGQWW.EXE size: 24576 bytes
WWGQWW.EXE hash: 048715494F73B12935A8D5F0FB1FB17F

Created files:

%SysDir%\wwgqww.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationallmp\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationallmp\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationallmp\DisplayName: Nationalmri Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationallmp\ImagePath: %WinDir%\System32\wwgqww.exe
HKLM\System\CurrentControlSet\Services\Nationallmp\Description: Providescpk a domain server for NI security.

Detected by UnHackMe:

WWGQWW.EXE
Default location: %SYSDIR%\WWGQWW.EXE

Dropper information:
MD5: 048715494f73b12935a8d5f0fb1fb17f
File size: 24576 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images