Backdoor IRCBot – BuZuLX64.dLl – 9dc4a2adc29795a5a73425f9c9ec311e

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Backdoor IRCBot
Also known as: Trojan Agent, Worm Autorun
SHA256: d59f954927f1db303499fc4bf6af65555f8cd6fa5fb023ae1045f76ab032e073
SHA1: e7e5b8984aab32653ea2b8ffe8a2b09eae333500
MD5: 9dc4a2adc29795a5a73425f9c9ec311e
File size: 888320 bytes

Created files:

%SysDir%\BuZuLX64.dLl – Backdoor IRCBot
%WinDir%\TEMP\IXP000.TMP\ganjas.exe – Backdoor IRCBot
%WinDir%\TEMP\IXP000.TMP\imbot.exe – Backdoor IRCBot

Backdoor IRCBot created autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 “%WinDir%\TEMP\IXP000.TMP\”

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images