Backdoor Koutodoor – dgswzxr.dll – 041e91cc78b3b615de5d5b4ee82565d8

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

Backdoor Koutodoor
Also known as: Trojan Eldorado, Trojan Renos
SHA256: ba858fc5b04ee47934104db5b5a65659f297e41accde6645dc6c8d1d7f0ee615
SHA1: 746d7f147693a998c85ec5cb23b36bca2576f3f7
MD5: 041e91cc78b3b615de5d5b4ee82565d8
File size: 278592 bytes

Created files:

%SysDir%\dgswzxr.dll – Backdoor Koutodoor
%SysDir%\drivers\yrqmvr.sys – Backdoor Koutodoor
%SysDir%\ouxpek.bat – Backdoor Koutodoor
%Temp%\hqppbqac.bat – Backdoor Koutodoor
%Temp%\izvgvoc.bat – Backdoor Koutodoor
%Temp%\mqlzrfb.bat – Backdoor Koutodoor
%Temp%\olvzsx.bat – Backdoor Koutodoor
%Temp%\oowcdr.exe – Backdoor Koutodoor
%Temp%\upkdrt.exe – Backdoor Koutodoor

Backdoor Koutodoor created autostart registry keys:

HKLM\System\CurrentControlSet\Services\yrqmvr\Type: 01000000
HKLM\System\CurrentControlSet\Services\yrqmvr\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\yrqmvr\DisplayName: yrqmvr
HKLM\System\CurrentControlSet\Services\yrqmvr\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C007900720071006D00760072002E007300790073000000

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images