ADMINISTRATOR.EXE – Trojan-Ransom Winlock

Trojan-Ransom No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

ADMINISTRATOR.EXE – Trojan-Ransom Winlock removal

FileMD5Virus Alias
ADMINISTRATOR.EXE 6924f83ac739da0eec7a3bda084fc97b Trojan-Ransom Winlock
ADMINISTRATOR.EXE 6924f83ac739da0eec7a3bda084fc97b Trojan XPACK
ADMINISTRATOR.EXE 6924f83ac739da0eec7a3bda084fc97b Trojan Generic
ADMINISTRATOR.EXE 6924f83ac739da0eec7a3bda084fc97b Trojan CI
ADMINISTRATOR.EXE 6924f83ac739da0eec7a3bda084fc97b Trojan Graftor
ADMINISTRATOR.EXE 6924f83ac739da0eec7a3bda084fc97b Trojan Agent

ADMINISTRATOR.EXE size: 1134592 bytes
ADMINISTRATOR.EXE hash: 6924F83AC739DA0EEC7A3BDA084FC97B

Created files:

%SysDir%\Administrator.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit: %WinDir%\System32\userinit.exe,%WinDir%\System32\Administrator.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\DarkComet RAT: %WinDir%\System32\Administrator.exe

Detected by UnHackMe:

ADMINISTRATOR.EXE
Default location: %SYSDIR%\ADMINISTRATOR.EXE

Dropper information:
MD5: 6924f83ac739da0eec7a3bda084fc97b
File size: 1134592 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images