AMQYXE.EXE – Trojan Panda

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

AMQYXE.EXE – Trojan Panda removal

FileMD5Virus Alias
AMQYXE.EXE 2d488116166915d889136d6183a8a001 Trojan Panda
AMQYXE.EXE 2d488116166915d889136d6183a8a001 Trojan XPACK
AMQYXE.EXE 2d488116166915d889136d6183a8a001 Trojan Generic
AMQYXE.EXE 2d488116166915d889136d6183a8a001 Trojan ZBot
AMQYXE.EXE 2d488116166915d889136d6183a8a001 Trojan Kryptik

AMQYXE.EXE size: 438272 bytes
AMQYXE.EXE hash: 2D488116166915D889136D6183A8A001

Created files:

%SysDir%\drivers\5663be.sys
%WinDir%\Temp\Cyxey\amqyxe.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\5663be\Type: 01000000
HKLM\System\CurrentControlSet\Services\5663be\Start: 01000000
HKLM\System\CurrentControlSet\Services\5663be\DisplayName: amqyxe.exe
HKLM\System\CurrentControlSet\Services\5663be\ImagePath: %WinDir%\System32\drivers\5663be.sys
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Amqyxe: %WinDir%\Temp\Cyxey\amqyxe.exe

Detected by UnHackMe:

AMQYXE.EXE
Default location: %TEMP%\CYXEY\AMQYXE.EXE

Dropper information:
MD5: fb846c192daec98c78cf88801a955e84
File size: 438272 bytes

Leave a Reply