DECODER.DLL – Trojan ArchSMS

Alex NightWatcher

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

DECODER.DLL – Trojan ArchSMS removal

File	MD5	Virus Alias
DECODER.DLL	0dbb6ca9af2cb9b585f814a3ca4b49ad	Trojan ArchSMS

DECODER.DLL size: 122880 bytes
DECODER.DLL hash: 0DBB6CA9AF2CB9B585F814A3CA4B49AD

Created files:

%AppData%\KRyLack Software\Free RAR Password Recovery\prerequisites\KLInstMan.exe
%AppData%\KRyLack Software\Free RAR Password Recovery 3.46.59\install\decoder.dll
%AppData%\KRyLack Software\Free RAR Password Recovery 3.46.59\install\holder0.aiph

Autostart registry keys:

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AC03DA35DF93A8D7F711DE7562783F8B.EXE: AC03DA35DF93A8D7F711DE7562783F8B.EXE /exenoupdates /exelang 0 /prereqs “0”

Detected by UnHackMe:

DECODER.DLL
Default location: %APPDATA%\KRYLACK SOFTWARE\FREE RAR PASSWORD RECOVERY 3.46.59\INSTALL\DECODER.DLL

Dropper information:
MD5: ac03da35df93a8d7f711de7562783f8b
File size: 3002368 bytes

Leave a Reply Cancel reply

You must be logged in to post a comment.