HRA33.DLL – Backdoor Nitol


HRA33.DLL – Backdoor Nitol removal

File        MD5                                 Virus Alias
HRA33.DLL   7147ff24579a477a1a34696926e573f1    Backdoor Nitol
HRA33.DLL   7147ff24579a477a1a34696926e573f1    Trojan Downloader
HRA33.DLL   7147ff24579a477a1a34696926e573f1    Worm AMN
HRA33.DLL   7147ff24579a477a1a34696926e573f1    Trojan Agent
HRA33.DLL   7147ff24579a477a1a34696926e573f1    Trojan FakeAV
HRA33.DLL   7147ff24579a477a1a34696926e573f1    Trojan Scar

HRA33.DLL size: 7680 bytes
HRA33.DLL hash: 7147FF24579A477A1A34696926E573F1

Created files:

%SysDir%\hra33.dll
%SysDir%\mygiuo.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationalfnc\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationalfnc\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationalfnc\DisplayName: Nationaldme Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationalfnc\ImagePath: %WinDir%\System32\mygiuo.exe
HKLM\System\CurrentControlSet\Services\Nationalfnc\Description: Providesvau a domain server for NI security.

Detected by UnHackMe:

HRA33.DLL
Default location: %SYSDIR%\HRA33.DLL

Dropper information:
MD5: 5757e482191edc2462935c44eb0441de
File size: 38400 bytes
