BALHWO.EXE – Backdoor Nitol

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

BALHWO.EXE – Backdoor Nitol removal

FileMD5Virus Alias
BALHWO.EXE d4a807f7691bd14ddf29858ef6a497d0 Backdoor Nitol
BALHWO.EXE d4a807f7691bd14ddf29858ef6a497d0 Suspicious File
BALHWO.EXE d4a807f7691bd14ddf29858ef6a497d0 Trojan Generic
BALHWO.EXE d4a807f7691bd14ddf29858ef6a497d0 Trojan Downloader
BALHWO.EXE d4a807f7691bd14ddf29858ef6a497d0 Trojan Agent
BALHWO.EXE d4a807f7691bd14ddf29858ef6a497d0 Trojan Small

BALHWO.EXE size: 40448 bytes
BALHWO.EXE hash: D4A807F7691BD14DDF29858EF6A497D0

Created files:

%SysDir%\balhwo.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\National\Type: 10000000
HKLM\System\CurrentControlSet\Services\National\Start: 02000000
HKLM\System\CurrentControlSet\Services\National\DisplayName: Domain Service
HKLM\System\CurrentControlSet\Services\National\ImagePath: %WinDir%\System32\balhwo.exe

Detected by UnHackMe:

BALHWO.EXE
Default location: %SYSDIR%\BALHWO.EXE

Dropper information:
MD5: c4d0087ebcdcaa94f2a5ef3a4ceb1dc3
File size: 48128 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images