BOHBOQ.EXE – Backdoor Nitol

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

BOHBOQ.EXE – Backdoor Nitol removal

FileMD5Virus Alias
BOHBOQ.EXE 38677420b2575b837a33557ba747778d Backdoor Nitol
BOHBOQ.EXE 38677420b2575b837a33557ba747778d Trojan Eldorado
BOHBOQ.EXE 38677420b2575b837a33557ba747778d Trojan Downloader
BOHBOQ.EXE 38677420b2575b837a33557ba747778d Virus Part
BOHBOQ.EXE 38677420b2575b837a33557ba747778d Trojan Graftor
BOHBOQ.EXE 38677420b2575b837a33557ba747778d Trojan Agent

BOHBOQ.EXE size: 24576 bytes
BOHBOQ.EXE hash: 38677420B2575B837A33557BA747778D

Created files:

%SysDir%\bohboq.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationalpys\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationalpys\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationalpys\DisplayName: Nationalkwh Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationalpys\ImagePath: %WinDir%\System32\bohboq.exe
HKLM\System\CurrentControlSet\Services\Nationalpys\Description: Providesykl a domain server for NI security.

Detected by UnHackMe:

BOHBOQ.EXE
Default location: %SYSDIR%\BOHBOQ.EXE

Dropper information:
MD5: 38677420b2575b837a33557ba747778d
File size: 24576 bytes

Leave a Reply