ZQLRQA.EXE – Backdoor Nitol

Backdoor No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

ZQLRQA.EXE – Backdoor Nitol removal

FileMD5Virus Alias
ZQLRQA.EXE 2218b7d842e215835d40b5e90976ef2f Backdoor Nitol
ZQLRQA.EXE 2218b7d842e215835d40b5e90976ef2f Trojan Artemis
ZQLRQA.EXE 2218b7d842e215835d40b5e90976ef2f Trojan Generic
ZQLRQA.EXE 2218b7d842e215835d40b5e90976ef2f Trojan Downloader
ZQLRQA.EXE 2218b7d842e215835d40b5e90976ef2f Trojan Graftor
ZQLRQA.EXE 2218b7d842e215835d40b5e90976ef2f Trojan Agent

ZQLRQA.EXE size: 39424 bytes
ZQLRQA.EXE hash: 2218B7D842E215835D40B5E90976EF2F

Created files:

%SysDir%\hra33.dll
%SysDir%\zqlrqa.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\Distribueoo\Type: 10000000
HKLM\System\CurrentControlSet\Services\Distribueoo\Start: 02000000
HKLM\System\CurrentControlSet\Services\Distribueoo\DisplayName: Distribubaj Transaction Coordinator Service
HKLM\System\CurrentControlSet\Services\Distribueoo\ImagePath: %WinDir%\System32\zqlrqa.exe
HKLM\System\CurrentControlSet\Services\Distribueoo\Description: Distribuain Transaction Coordinator Service.

Detected by UnHackMe:

ZQLRQA.EXE
Default location: %SYSDIR%\ZQLRQA.EXE

Dropper information:
MD5: 3fe15ed5fac2f3f79e2745bec9780744
File size: 47104 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images