Backdoor Maximus – cmss.exe – a01fb965bdcb276b2b8fce743390937e


Backdoor Maximus
Also known as: Trojan Agent, Trojan Downloader.Generic
SHA256: 3ceee57ee7238ffb5de48a55ea7d11bf5e5ac0e73dcef7d09efaa600b05eaadd
SHA1: fe5efdbe88a8d5799608715876b63869f41073c4
MD5: a01fb965bdcb276b2b8fce743390937e
File size: 362133 bytes

Created files:

%Program Files%\JavaSuppot\cmss.exe – Backdoor Maximus
%Program Files%\JavaSuppot\msn.exe – Backdoor Maximus
%Program Files%\JavaSuppot\services.exe – Backdoor Maximus
%WinDir%\hpserv.dll – Backdoor Maximus
%WinDir%\netcox.exe – Backdoor Maximus
%WinDir%\refsdm.dll – Backdoor Maximus
%WinDir%\svers.dll – Backdoor Maximus
%SysDir%\MSWINSCK.OCX – Backdoor Maximus
%Temp%\Compress0\ass.dll – Backdoor Maximus
%Temp%\Compress0\delkl.dll – Backdoor Maximus
%Temp%\Compress0\dete.dll – Backdoor Maximus
%Temp%\Compress0\dunin.dll – Backdoor Maximus
%Temp%\Compress0\ften.dll – Backdoor Maximus
%Temp%\Compress0\hpserv.dll – Backdoor Maximus
%Temp%\Compress0\inmsg.dll – Backdoor Maximus
%Temp%\Compress0\inter.dll – Backdoor Maximus
%Temp%\Compress0\inuser.dll – Backdoor Maximus
%Temp%\Compress0\mail.dll – Backdoor Maximus
%Temp%\Compress0\mailkl.dll – Backdoor Maximus
%Temp%\Compress0\mailsc.dll – Backdoor Maximus
%Temp%\Compress0\msn.exe – Backdoor Maximus
%Temp%\Compress0\MSWINSCK.OCX – Backdoor Maximus
%Temp%\Compress0\NTRestore.exe – Backdoor Maximus
%Temp%\Compress0\oem.dll – Backdoor Maximus
%Temp%\Compress0\picture.dll – Backdoor Maximus
%Temp%\Compress0\port.dll – Backdoor Maximus
%Temp%\Compress0\pwhost.dll – Backdoor Maximus
%Temp%\Compress0\refsdm.dll – Backdoor Maximus
%Temp%\Compress0\resu.dll – Backdoor Maximus
%Temp%\Compress0\rmdesk.dll – Backdoor Maximus
%Temp%\Compress0\rvhost.dll – Backdoor Maximus
%Temp%\Compress0\rvport.dll – Backdoor Maximus
%Temp%\Compress0\rwce.dll – Backdoor Maximus
%Temp%\Compress0\rwci.dll – Backdoor Maximus
%Temp%\Compress0\rwcs.dll – Backdoor Maximus
%Temp%\Compress0\scan.dll – Backdoor Maximus
%Temp%\Compress0\sccle.dll – Backdoor Maximus
%Temp%\Compress0\scday.dll – Backdoor Maximus
%Temp%\Compress0\scen.dll – Backdoor Maximus
%Temp%\Compress0\scint.dll – Backdoor Maximus
%Temp%\Compress0\scint2.dll – Backdoor Maximus
%Temp%\Compress0\scloc.dll – Backdoor Maximus
%Temp%\Compress0\seek.dll – Backdoor Maximus
%Temp%\Compress0\seekil.dll – Backdoor Maximus
%Temp%\Compress0\services.exe – Backdoor Maximus
%Temp%\Compress0\ssap.dll – Backdoor Maximus
%Temp%\Compress0\svers.dll – Backdoor Maximus
%Temp%\Compress0\type.dll – Backdoor Maximus
%Temp%\Compress0\unin.dll – Backdoor Maximus
%Temp%\Compress0\unir.exe – Backdoor Maximus
%Temp%\Compress0\update.dll – Backdoor Maximus
%Temp%\Compress0\user.dll – Backdoor Maximus
%Temp%\Compress0\ushost.dll – Backdoor Maximus
%Temp%\Compress0\weben.dll – Backdoor Maximus
%Temp%\Compress0\winsyst32.exe – Backdoor Maximus

Backdoor Maximus created autostart registry keys:

HKLM\Software\Classes\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}\InprocServer32 : %WinDir%\System32\MSWINSCK.OCX
HKLM\Software\Classes\CLSID\{248DD897-BB45-11CF-9ABC-0080C7E7B78D}\InprocServer32 : %WinDir%\System32\MSWINSCK.OCX
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\NSIS64: C:\PROGRA~1\JAVASU~1\msn.exe