Backdoor Koutodoor – dqgklnr.dll – 0438df0cfa64ea80d0abe23d872dcb1c

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

Backdoor Koutodoor
Also known as: Trojan Eldorado, Trojan Downloader.Generic
SHA256: 914f03f076f92e7db5066346cb8cc4a0f36233cb478e983af71a566365ef0d7c
SHA1: a331c21d84d93667ac3ebae8d0e3390a34ef5f3f
MD5: 0438df0cfa64ea80d0abe23d872dcb1c
File size: 290880 bytes

Created files:

%SysDir%\dqgklnr.dll – Backdoor Koutodoor
%SysDir%\drivers\frlgj.sys – Backdoor Koutodoor
%SysDir%\jgqzap.bat – Backdoor Koutodoor
%Temp%\asmqwsch.bat – Backdoor Koutodoor
%Temp%\lckpqqk.bat – Backdoor Koutodoor
%Temp%\mjlfez.exe – Backdoor Koutodoor
%Temp%\mkvhqjc.bat – Backdoor Koutodoor
%Temp%\svwrga.exe – Backdoor Koutodoor
%Temp%\ziwlqd.bat – Backdoor Koutodoor

Backdoor Koutodoor created autostart registry keys:

HKLM\System\CurrentControlSet\Services\frlgj\Type: 01000000
HKLM\System\CurrentControlSet\Services\frlgj\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\frlgj\DisplayName: frlgj
HKLM\System\CurrentControlSet\Services\frlgj\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C00660072006C0067006A002E007300790073000000

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images