RYHXUM.EXE – Trojan Artemis

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

RYHXUM.EXE – Trojan Artemis removal

FileMD5Virus Alias
RYHXUM.EXE 588764da10ee78ee849beeb53366c314 Trojan Artemis
RYHXUM.EXE 588764da10ee78ee849beeb53366c314 Trojan SuspiciousFile
RYHXUM.EXE 588764da10ee78ee849beeb53366c314 Trojan DNAScan
RYHXUM.EXE 588764da10ee78ee849beeb53366c314 Trojan Crypt
RYHXUM.EXE 588764da10ee78ee849beeb53366c314 Backdoor IRCBot

RYHXUM.EXE size: 836608 bytes
RYHXUM.EXE hash: 588764DA10EE78EE849BEEB53366C314

Created files:

%SysDir%\gei33.dll
%SysDir%\ryhxum.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\xhatmuudqb\Type: 10000000
HKLM\System\CurrentControlSet\Services\xhatmuudqb\Start: 02000000
HKLM\System\CurrentControlSet\Services\xhatmuudqb\DisplayName: hmknhfxaxqxkjlzzqtsj
HKLM\System\CurrentControlSet\Services\xhatmuudqb\ImagePath: %WinDir%\System32\ryhxum.exe
HKLM\System\CurrentControlSet\Services\xhatmuudqb\Description: faeedfuujkolxjoqkdvfepvlhvhrwt

Detected by UnHackMe:

RYHXUM.EXE
Default location: %SYSDIR%\RYHXUM.EXE

Dropper information:
MD5: 25b5f46711748d2f170c006ec272cc07
File size: 846336 bytes

Leave a Reply