38A66834F9030600B4061BB12B5CF0A7.EXE – Trojan-Ransom Winlock

Trojan-Ransom No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

38A66834F9030600B4061BB12B5CF0A7.EXE – Trojan-Ransom Winlock removal

File MD5 Virus Alias
38A66834F9030600B4061BB12B5CF0A7.EXE 38a66834f9030600b4061bb12b5cf0a7 Trojan-Ransom Winlock
38A66834F9030600B4061BB12B5CF0A7.EXE 38a66834f9030600b4061bb12b5cf0a7 Trojan XPACK
38A66834F9030600B4061BB12B5CF0A7.EXE 38a66834f9030600b4061bb12b5cf0a7 Trojan Generic
38A66834F9030600B4061BB12B5CF0A7.EXE 38a66834f9030600b4061bb12b5cf0a7 Trojan Agent
38A66834F9030600B4061BB12B5CF0A7.EXE 38a66834f9030600b4061bb12b5cf0a7 Trojan ZBot
38A66834F9030600B4061BB12B5CF0A7.EXE 38a66834f9030600b4061bb12b5cf0a7 Trojan Crypt

38A66834F9030600B4061BB12B5CF0A7.EXE size: 103424 bytes
38A66834F9030600B4061BB12B5CF0A7.EXE hash: 38A66834F9030600B4061BB12B5CF0A7

Created files:

%SysDir%\38A66834F9030600B4061BB12B5CF0A7.EXE

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\AMService\Type: 10010000
HKLM\System\CurrentControlSet\Services\AMService\Start: 02000000
HKLM\System\CurrentControlSet\Services\AMService\DisplayName: AMService
HKLM\System\CurrentControlSet\Services\AMService\ImagePath: %WinDir%\System32\38A66834F9030600B4061BB12B5CF0A7.EXE run

Detected by UnHackMe:

38A66834F9030600B4061BB12B5CF0A7.EXE
Default location: %SYSDIR%\38A66834F9030600B4061BB12B5CF0A7.EXE

Dropper information:
MD5: 38a66834f9030600b4061bb12b5cf0a7
File size: 103424 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images