YCEMCK.EXE – Backdoor Nitol


YCEMCK.EXE – Backdoor Nitol removal

File        MD5                               Virus Alias
YCEMCK.EXE  6428b37cd4119d5b8b6f4bb328c00428  Backdoor Nitol
YCEMCK.EXE  6428b37cd4119d5b8b6f4bb328c00428  Trojan Generic
YCEMCK.EXE  6428b37cd4119d5b8b6f4bb328c00428  Trojan Click
YCEMCK.EXE  6428b37cd4119d5b8b6f4bb328c00428  Trojan Eldorado
YCEMCK.EXE  6428b37cd4119d5b8b6f4bb328c00428  Trojan Agent

YCEMCK.EXE size: 28624 bytes
YCEMCK.EXE hash: 6428B37CD4119D5B8B6F4BB328C00428

Created files:

%SysDir%\ycemck.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Nationalbsk\Type: 10000000
HKLM\System\CurrentControlSet\Services\Nationalbsk\Start: 02000000
HKLM\System\CurrentControlSet\Services\Nationalbsk\DisplayName: Nationalifw Instruments Domain Service
HKLM\System\CurrentControlSet\Services\Nationalbsk\ImagePath: %WinDir%\System32\ycemck.exe
HKLM\System\CurrentControlSet\Services\Nationalbsk\Description: Providesqnc a domain server for NI security.

Detected by UnHackMe:

YCEMCK.EXE
Default location: %SYSDIR%\YCEMCK.EXE

Dropper information:
MD5: 6428b37cd4119d5b8b6f4bb328c00428
File size: 28624 bytes
