CFTMON.EXE – Trojan Downloader

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

CFTMON.EXE – Trojan Downloader removal

FileMD5Virus Alias
CFTMON.EXE 1105060f341ad6a5e58d60d2a869bb05 Trojan Downloader
CFTMON.EXE 1105060f341ad6a5e58d60d2a869bb05 Trojan Adload
CFTMON.EXE 1105060f341ad6a5e58d60d2a869bb05 Trojan Agent
CFTMON.EXE 1105060f341ad6a5e58d60d2a869bb05 Trojan Small
CFTMON.EXE 1105060f341ad6a5e58d60d2a869bb05 Trojan ZBot
CFTMON.EXE 1105060f341ad6a5e58d60d2a869bb05 Trojan Crypt

CFTMON.EXE size: 505606 bytes
CFTMON.EXE hash: 1105060F341AD6A5E58D60D2A869BB05

Created files:

%UserProfile%\cftmon.exe
%SysDir%\drivers\spools.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %WinDir%\System32\config\Systemprofile\cftmon.exe
HKLM\System\CurrentControlSet\Services\Schedule\ImagePath: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0064007200690076006500720073005C00730070006F006F006C0073002E006500780065000000
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ntuser: %WinDir%\System32\drivers\spools.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\autoload: %WinDir%\System32\config\Systemprofile\cftmon.exe

Detected by UnHackMe:

CFTMON.EXE
Default location: %USERPROFILE%\CFTMON.EXE

Dropper information:
MD5: 08afee20a3bb959116d86fdcf265836d
File size: 494192 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images