KWWGSW.EXE – Backdoor Nitol

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

KWWGSW.EXE – Backdoor Nitol removal

FileMD5Virus Alias
KWWGSW.EXE bc4e3bbf7c6e1f97755f72fbbf6b8ede Backdoor Nitol
KWWGSW.EXE bc4e3bbf7c6e1f97755f72fbbf6b8ede Trojan SuspiciousFile
KWWGSW.EXE bc4e3bbf7c6e1f97755f72fbbf6b8ede Trojan Artemis
KWWGSW.EXE bc4e3bbf7c6e1f97755f72fbbf6b8ede Trojan Generic
KWWGSW.EXE bc4e3bbf7c6e1f97755f72fbbf6b8ede Backdoor RBot
KWWGSW.EXE bc4e3bbf7c6e1f97755f72fbbf6b8ede Backdoor Farfli

KWWGSW.EXE size: 26624 bytes
KWWGSW.EXE hash: BC4E3BBF7C6E1F97755F72FBBF6B8EDE

Created files:

%WinDir%\kwwgsw.exe
%SysDir%\hra33.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Abcdef Hijweweklmno Qrs\Type: 10010000
HKLM\System\CurrentControlSet\Services\Abcdef Hijweweklmno Qrs\Start: 02000000
HKLM\System\CurrentControlSet\Services\Abcdef Hijweweklmno Qrs\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\Abcdef Hijweweklmno Qrs\DisplayName: Abcdef Hijklwewewertmno Qrstuvwx Abcd
HKLM\System\CurrentControlSet\Services\Abcdef Hijweweklmno Qrs\ImagePath: %WinDir%\kwwgsw.exe
HKLM\System\CurrentControlSet\Services\Abcdef Hijweweklmno Qrs\Description: Abcdefgh Jklmnrtrteopqr Tuvwxya Cdefghij Lmn

Detected by UnHackMe:

KWWGSW.EXE
Default location: %WinDir%\KWWGSW.EXE

Dropper information:
MD5: bc4e3bbf7c6e1f97755f72fbbf6b8ede
File size: 26624 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images