Backdoor Nitol – svchost.dll – 6fa1b928e0e6369faa8d028e77994442

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Backdoor Nitol
Also known as: Trojan Agent, Trojan Magania
SHA256: 98c3055f8f115fa0535b7535db6347a255e342b0eee1a1ea3fc4691086fb35f5
SHA1: cff4816195fb990830fbeb3e425dca8a9ee95574
MD5: 6fa1b928e0e6369faa8d028e77994442
File size: 155648 bytes

Created files:

%SysDir%\svchost.dll – Backdoor Nitol
%SysDir%\yywmyk.exe – Backdoor Nitol
%WinDir%\WinUpdate.exe – Backdoor Nitol

Backdoor Nitol created autostart registry keys:

HKLM\System\CurrentControlSet\Services\WinDMS\Type: 10000000
HKLM\System\CurrentControlSet\Services\WinDMS\Start: 02000000
HKLM\System\CurrentControlSet\Services\WinDMS\DisplayName: Windows ???????????????
HKLM\System\CurrentControlSet\Services\WinDMS\ImagePath: %WinDir%\System32\yywmyk.exe
HKLM\System\CurrentControlSet\Services\WinDMS\Descriptionyywmyk.exe: Windows Driver Manager Service

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images