HYWLPDPBP_NET.EXE – Backdoor Farfli

HYWLPDPBP_NET.EXE – Backdoor Farfli removal

File               MD5                               Virus Alias
HYWLPDPBP_NET.EXE  77d5be3971c356bc6ffaca7376b97993  Backdoor Farfli
HYWLPDPBP_NET.EXE  77d5be3971c356bc6ffaca7376b97993  Trojan Eldorado
HYWLPDPBP_NET.EXE  77d5be3971c356bc6ffaca7376b97993  Trojan Downloader
HYWLPDPBP_NET.EXE  77d5be3971c356bc6ffaca7376b97993  Trojan OnLineGames
HYWLPDPBP_NET.EXE  77d5be3971c356bc6ffaca7376b97993  Trojan Magania
HYWLPDPBP_NET.EXE  77d5be3971c356bc6ffaca7376b97993  Trojan Agent

HYWLPDPBP_NET.EXE size: 142848 bytes
HYWLPDPBP_NET.EXE hash: 77D5BE3971C356BC6FFACA7376B97993

Created files:

C:\291000.dll
%TEMP%\Temp\Hywlpdpbp_NET.exe
%TEMP%\Temp\???V089??????????????.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Please Input Service Name\Type: 10010000
HKLM\System\CurrentControlSet\Services\Please Input Service Name\Start: 02000000
HKLM\System\CurrentControlSet\Services\Please Input Service Name\DisplayName: Please Input Service Display
HKLM\System\CurrentControlSet\Services\Please Input Service Name\ImagePath: %SystemRoot%\System32\svchost.exe -k imgsvc
HKLM\System\CurrentControlSet\Services\RemoteAccess\RouterManagers\Ip\DLLPath: 43003A005C003200390031003000300030002E0064006C006C000000

Detected by UnHackMe:

HYWLPDPBP_NET.EXE
Default location: %TEMP%\TEMP\HYWLPDPBP_NET.EXE

Dropper information:
MD5: 9f287f04bf0e71a4e8c30d30010dba97
File size: 2077450 bytes
