CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE – Trojan Demp

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE – Trojan Demp removal

FileMD5Virus Alias
CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE 246bfdbe1dafde268fe6e5c36f08befe Trojan Demp
CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE 246bfdbe1dafde268fe6e5c36f08befe Suspicious File
CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE 246bfdbe1dafde268fe6e5c36f08befe Worm Mytob
CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE 246bfdbe1dafde268fe6e5c36f08befe Backdoor Zegost
CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE 246bfdbe1dafde268fe6e5c36f08befe Trojan Jorik
CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE 246bfdbe1dafde268fe6e5c36f08befe Trojan Delf

CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE size: 587651 bytes
CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE hash: 246BFDBE1DAFDE268FE6E5C36F08BEFE

Created files:

C:\program files\common files\microsoft shared\msinfo\123.exe
C:\program files\common files\microsoft shared\msinfo\CrossFire_OBV187_Full_XFDL_signed.exe
C:\program files\common files\microsoft shared\msinfo\lsass.exe
C:\program files\common files\microsoft shared\msinfo\Server.exe
%TEMP%\1107000
%TEMP%\1107000.exe
%WinDir%\XXXXXX8F70D37A\svchsot.exe

Autostart registry keys:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\XXXXXX8F70D37A: %WinDir%\XXXXXX8F70D37A\svchsot.exe

Detected by UnHackMe:

CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE
Default location: %PROGRAM FILES COMMON%\MICROSOFT SHARED\MSINFO\CROSSFIRE_OBV187_FULL_XFDL_SIGNED.EXE

Dropper information:
MD5: b0667f460e8c096fdae7ad9063143180
File size: 794624 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images