SVCHOST.EXE – Trojan Artemis

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

SVCHOST.EXE – Trojan Artemis removal

FileMD5Virus Alias
SVCHOST.EXE d9b0f6c9db580182e85116e8b133d6c6 Trojan Artemis
SVCHOST.EXE d9b0f6c9db580182e85116e8b133d6c6 Trojan SuspiciousFile
SVCHOST.EXE d9b0f6c9db580182e85116e8b133d6c6 Trojan PAK_Generic
SVCHOST.EXE d9b0f6c9db580182e85116e8b133d6c6 Trojan Generic
SVCHOST.EXE d9b0f6c9db580182e85116e8b133d6c6 Trojan Downloader
SVCHOST.EXE d9b0f6c9db580182e85116e8b133d6c6 Trojan Agent

SVCHOST.EXE size: 19456 bytes
SVCHOST.EXE hash: D9B0F6C9DB580182E85116E8B133D6C6

Created files:

%WinDir%\svchost.exe
%SysDir%\drivers\ahnurla.sys

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ahnurla\Type: 01000000
HKLM\System\CurrentControlSet\Services\ahnurla\Start: 02000000
HKLM\System\CurrentControlSet\Services\ahnurla\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ahnurla\DisplayName: ahnurla
HKLM\System\CurrentControlSet\Services\ahnurla\ImagePath: %WinDir%\System32\drivers\ahnurla.sys

Detected by UnHackMe:

SVCHOST.EXE
Default location: %WinDir%\SVCHOST.EXE

Dropper information:
MD5: fbfc226a9cdb89f43f233ddafe6f6e37
File size: 96880 bytes

Leave a Reply