Backdoor IRCBot – svchost.exe – 24837f736517f367a11dcb8bd8ed6306

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Backdoor IRCBot
SHA256: bf0a41febde8806d259528cc07a9677d43726b78efbca7fb4abb95e5aaf366b8
SHA1: bdc843c65e6984b35dd26c53e84338ff3982da2d
MD5: 24837f736517f367a11dcb8bd8ed6306
File size: 12800 bytes

Created files:

%SysDir%\drivers\svchost.exe – Backdoor IRCBot

Backdoor IRCBot created autostart registry keys:

HKLM\Software\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32 : 2500530079007300740065006D0052006F006F00740025005C00530079007300740065006D00330032005C0077006500620063006800650063006B002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\WksPatch\Type: 10000000
HKLM\System\CurrentControlSet\Services\WksPatch\Start: 02000000
HKLM\System\CurrentControlSet\Services\WksPatch\DisplayName: Network Logging
HKLM\System\CurrentControlSet\Services\WksPatch\ImagePath: %WinDir%\System32\drivers\svchost.exe

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images