SERVER.EXE – Trojan Delf

SERVER.EXE – Trojan Delf removal

File MD5 Virus Alias
SERVER.EXE c0a16dcff246cc3f2ac7f407061ee4c8 Trojan Delf
SERVER.EXE c0a16dcff246cc3f2ac7f407061ee4c8 Trojan SuspiciousFile
SERVER.EXE c0a16dcff246cc3f2ac7f407061ee4c8 Trojan Artemis
SERVER.EXE c0a16dcff246cc3f2ac7f407061ee4c8 Trojan XPACK
SERVER.EXE c0a16dcff246cc3f2ac7f407061ee4c8 Trojan Eldorado
SERVER.EXE c0a16dcff246cc3f2ac7f407061ee4c8 Trojan Downloader

SERVER.EXE size: 44032 bytes
SERVER.EXE hash: C0A16DCFF246CC3F2AC7F407061EE4C8

Created files:

%WinDir%\InstallDir\Server.exe
%AppData%\Microsoft\Windows\thB7KPGSmD1.xtr

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{VXA4D33S-8D71-5671-EV16-S47X3M2ACRG4}\StubPath: 43003A005C00570049004E0044004F00570053005C0049006E007300740061006C006C004400690072005C005300650072007600650072002E006500780065000000
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\HKLM: 43003A005C00570049004E0044004F00570053005C0049006E007300740061006C006C004400690072005C005300650072007600650072002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\HKCU: 43003A005C00570049004E0044004F00570053005C0049006E007300740061006C006C004400690072005C005300650072007600650072002E006500780065000000

Detected by UnHackMe:

SERVER.EXE
Default location: %WinDir%\INSTALLDIR\SERVER.EXE

Dropper information:
MD5: c0a16dcff246cc3f2ac7f407061ee4c8
File size: 44032 bytes
