BNFVDWBUCVF.EXE – Trojan Bumat

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

BNFVDWBUCVF.EXE – Trojan Bumat removal

FileMD5Virus Alias
BNFVDWBUCVF.EXE 3bb21aed0bdc9e77993cf7d94c726265 Trojan Bumat
BNFVDWBUCVF.EXE 3bb21aed0bdc9e77993cf7d94c726265 Trojan Generic
BNFVDWBUCVF.EXE 3bb21aed0bdc9e77993cf7d94c726265 Trojan Xema
BNFVDWBUCVF.EXE 3bb21aed0bdc9e77993cf7d94c726265 Trojan Eldorado
BNFVDWBUCVF.EXE 3bb21aed0bdc9e77993cf7d94c726265 Trojan Downloader
BNFVDWBUCVF.EXE 3bb21aed0bdc9e77993cf7d94c726265 Trojan Siggen

BNFVDWBUCVF.EXE size: 18432 bytes
BNFVDWBUCVF.EXE hash: 3BB21AED0BDC9E77993CF7D94C726265

Created files:

C:\BNFVDWBUCVF.EXE
%Program Files%\DIU8JXZ0LW\GRTHRPSD.exe
%Program Files%\DIU8JXZ0LW\UY8Y7MXJSA3.exe
%WinDir%\smjqtdmcctip.dll
%UserProfile%\Start Menu\Programs\Startup\V99ZKYR0XFLT.pif

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\ZDLOU4\Type: 10010000
HKLM\System\CurrentControlSet\Services\ZDLOU4\Start: 02000000
HKLM\System\CurrentControlSet\Services\ZDLOU4\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\ZDLOU4\DisplayName: ZDLOU4
HKLM\System\CurrentControlSet\Services\ZDLOU4\ImagePath: %Program Files%\DIU8JXZ0LW\GRTHRPSD.exe -E6Y30

Detected by UnHackMe:

BNFVDWBUCVF.EXE
Default location: C:\BNFVDWBUCVF.EXE

Dropper information:
MD5: 189cce14b9ee3134b41b0c770968eacb
File size: 210296 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images