kokaoo.exe – Backdoor Nitol

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

kokaoo.exe – Backdoor Nitol removal

FileVirus Alias
kokaoo.exe Backdoor Nitol
kokaoo.exe Trojan Magania
kokaoo.exe Backdoor RBot
kokaoo.exe Trojan Generic
kokaoo.exe Trojan Downloader
kokaoo.exe Trojan ZBot

Created files:

%SysDir%\kokaoo.exe – Backdoor Nitol

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\DNSserveraek\Type: 10000000
HKLM\System\CurrentControlSet\Services\DNSserveraek\Start: 02000000
HKLM\System\CurrentControlSet\Services\DNSserveraek\DisplayName: DCOM Serverdgd Process Launcher.
HKLM\System\CurrentControlSet\Services\DNSserveraek\ImagePath: %WinDir%\System32\kokaoo.exe
HKLM\System\CurrentControlSet\Services\DNSserveraek\Description: DCOM Servermtl Process Launcher..

Detected by UnHackMe:

kokaoo.exe
Default location: %SysDir%\kokaoo.exe

Dropper information:
SHA256: 823c05a2e3526477556708d6175d3c827c7a9936d2b4219485f06133388d13aa
SHA1: b344e1f48777cf3f6c8d0abbb637f84a87a1be34
MD5: b012bfc5a1199863ee007c2de53df6e8
File size: 65024 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images