LSASS.EXE – Backdoor Zegost

LSASS.EXE – Backdoor Zegost removal

File       MD5                               Virus Alias
LSASS.EXE  ad5a523b51cb26cd2f2fc0ae8e3a3022  Backdoor Zegost
LSASS.EXE  ad5a523b51cb26cd2f2fc0ae8e3a3022  Trojan BZub
LSASS.EXE  ad5a523b51cb26cd2f2fc0ae8e3a3022  Trojan Eldorado
LSASS.EXE  ad5a523b51cb26cd2f2fc0ae8e3a3022  Backdoor PcClien
LSASS.EXE  ad5a523b51cb26cd2f2fc0ae8e3a3022  Trojan Agent
LSASS.EXE  ad5a523b51cb26cd2f2fc0ae8e3a3022  Backdoor Farfli

LSASS.EXE size: 187392 bytes
LSASS.EXE hash: AD5A523B51CB26CD2F2FC0AE8E3A3022

Created files:

C:\program files\common files\microsoft shared\msinfo\123.exe
C:\program files\common files\microsoft shared\msinfo\CrossFire_OBV187_Full_XFDL_signed.exe
C:\program files\common files\microsoft shared\msinfo\lsass.exe
C:\program files\common files\microsoft shared\msinfo\Server.exe
%TEMP%\1107000
%TEMP%\1107000.exe
%WinDir%\XXXXXX8F70D37A\svchsot.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\XXXXXX8F70D37A: %WinDir%\XXXXXX8F70D37A\svchsot.exe

Detected by UnHackMe:

LSASS.EXE
Default location: %PROGRAM FILES COMMON%\MICROSOFT SHARED\MSINFO\LSASS.EXE

Dropper information:
MD5: b0667f460e8c096fdae7ad9063143180
File size: 794624 bytes
