Hacker.com.cn.exe – Backdoor Hupigon

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

Hacker.com.cn.exe – Backdoor Hupigon removal

FileVirus Alias
Hacker.com.cn.exe Backdoor Hupigon
Hacker.com.cn.exe Trojan Generic
Hacker.com.cn.exe Trojan Delphi
Hacker.com.cn.exe Trojan Delf

Created files:

C:\program files\common files\microsoft shared\msinfo\1.exe – Backdoor Hupigon
%WinDir%\Hacker.com.cn.exe – Backdoor Hupigon
%WinDir%\TEMP\IXP000.TMP\4.EXE – Backdoor Hupigon
%WinDir%\TEMP\IXP001.TMP\3.exe – Backdoor Hupigon

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\360.com.cn\Type: 10010000
HKLM\System\CurrentControlSet\Services\360.com.cn\Start: 02000000
HKLM\System\CurrentControlSet\Services\360.com.cn\DisplayName: 360.com.cn
HKLM\System\CurrentControlSet\Services\360.com.cn\ImagePath: %WinDir%\Hacker.com.cn.exe
HKLM\System\CurrentControlSet\Services\mchInjDrv\Type: 01000000
HKLM\System\CurrentControlSet\Services\mchInjDrv\Start: 04000000
HKLM\System\CurrentControlSet\Services\mchInjDrv\ImagePath: \??\%WinDir%\TEMP\mc21.tmp
HKLM\System\CurrentControlSet\Services\mchInjDrv\DeleteFlag: 01000000

Detected by UnHackMe:

Hacker.com.cn.exe
Default location: %WinDir%\Hacker.com.cn.exe

Dropper information:
SHA256: cbb17226902aec8cd07932d2f43e246c74037f384b45d688b099c7d2f14a8a07
SHA1: ea2c1e07879a9e85cff1c0ed07d6d8b0f1d47c4a
MD5: 0b536123ea9f2d6c9ad1c95dde15c2bf
File size: 797184 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images