Backdoor Koutodoor – rtn.sys – 1434671c935a5d3ffe5ed464ad6981e2

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

Backdoor Koutodoor
Also known as: Trojan Eldorado, Trojan Downloader.Generic
SHA256: e367fb481ade490437edb0d43ed11c42304aba4a728c74f7d81105dfd591bdd2
SHA1: bdbb3dd5db7ba9ca83439b4de65296d7bb4a78ef
MD5: 1434671c935a5d3ffe5ed464ad6981e2
File size: 282688 bytes

Created files:

%SysDir%\drivers\rtn.sys – Backdoor Koutodoor
%SysDir%\ekiusj.bat – Backdoor Koutodoor
%SysDir%\tkz.dll – Backdoor Koutodoor
%Temp%\dsgqley.bat – Backdoor Koutodoor
%Temp%\nzdoxn.exe – Backdoor Koutodoor
%Temp%\zlbzyqix.bat – Backdoor Koutodoor

Backdoor Koutodoor created autostart registry keys:

HKLM\System\CurrentControlSet\Services\rtn\Type: 01000000
HKLM\System\CurrentControlSet\Services\rtn\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\rtn\DisplayName: rtn
HKLM\System\CurrentControlSet\Services\rtn\ImagePath: 730079007300740065006D00330032005C0064007200690076006500720073005C00720074006E002E007300790073000000

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images