EGQOQYC.PIF – Backdoor Caphaw

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

EGQOQYC.PIF – Backdoor Caphaw removal

FileMD5Virus Alias
EGQOQYC.PIF 3971ff64e587631eb138187672f01fd4 Backdoor Caphaw
EGQOQYC.PIF 3971ff64e587631eb138187672f01fd4 Trojan Downloader
EGQOQYC.PIF 3971ff64e587631eb138187672f01fd4 Trojan Graftor
EGQOQYC.PIF 3971ff64e587631eb138187672f01fd4 Trojan Magania
EGQOQYC.PIF 3971ff64e587631eb138187672f01fd4 Trojan Agent

EGQOQYC.PIF size: 28672 bytes
EGQOQYC.PIF hash: 3971FF64E587631EB138187672F01FD4

Created files:

%Program Files%\Microsoft Makweq\Egqoqyc.pif
%WinDir%\AppPatch\NetSyst64.dll

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Wsacim aewiimki: %Program Files%\Microsoft Makweq\Egqoqyc.pif
HKLM\System\CurrentControlSet\Services\Wsacim aewiimki\DeleteFiles: 3971FF64E587631EB138187672F01FD4.EXE
HKLM\System\CurrentControlSet\Services\Wsacim aewiimki\ConnectGroup: ??????

Detected by UnHackMe:

EGQOQYC.PIF
Default location: %PROGRAM FILES%\MICROSOFT MAKWEQ\EGQOQYC.PIF

Dropper information:
MD5: 3971ff64e587631eb138187672f01fd4
File size: 28672 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images