SVCHSOT.EXE – Backdoor Zegost

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

SVCHSOT.EXE – Backdoor Zegost removal

FileMD5Virus Alias
SVCHSOT.EXE 2413c41526f1f4c1c88e9ac13e42cb07 Backdoor Zegost
SVCHSOT.EXE 2413c41526f1f4c1c88e9ac13e42cb07 Trojan BZub
SVCHSOT.EXE 2413c41526f1f4c1c88e9ac13e42cb07 Trojan Eldorado
SVCHSOT.EXE 2413c41526f1f4c1c88e9ac13e42cb07 Backdoor PcClien
SVCHSOT.EXE 2413c41526f1f4c1c88e9ac13e42cb07 Trojan Agent
SVCHSOT.EXE 2413c41526f1f4c1c88e9ac13e42cb07 Backdoor Farfli

SVCHSOT.EXE size: 187392 bytes
SVCHSOT.EXE hash: 2413C41526F1F4C1C88E9AC13E42CB07

Created files:

C:\program files\common files\microsoft shared\msinfo\123.exe
C:\program files\common files\microsoft shared\msinfo\CrossFire_OBV187_Full_XFDL_signed.exe
C:\program files\common files\microsoft shared\msinfo\lsass.exe
C:\program files\common files\microsoft shared\msinfo\Server.exe
%TEMP%\1107000
%TEMP%\1107000.exe
%WinDir%\XXXXXX8F70D37A\svchsot.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\XXXXXX8F70D37A: %WinDir%\XXXXXX8F70D37A\svchsot.exe

Detected by UnHackMe:

SVCHSOT.EXE
Default location: %WinDir%\XXXXXX8F70D37A\SVCHSOT.EXE

Dropper information:
MD5: b0667f460e8c096fdae7ad9063143180
File size: 794624 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images