EXPLOREB.EXE – Trojan QQPass

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

EXPLOREB.EXE – Trojan QQPass removal

FileVirus Alias
EXPLOREB.EXE Trojan QQPass
EXPLOREB.EXE Trojan Generic
EXPLOREB.EXE Trojan Vundo
EXPLOREB.EXE Trojan Agent

Created files:

C:\DebugFi – Trojan QQPass
C:\Documents and Settings\I.EXE – Trojan QQPass
C:\Documents and Settings\l.EXE – Trojan QQPass
%Program Files%\BB.EXE – Trojan QQPass
C:\Sandbox\LH.EXE – Trojan QQPass
C:\Sandbox\ZZ.EXE – Trojan QQPass
%SysDir%\EXPLOREB.EXE – Trojan QQPass

Autostart registry keys:

HKLM\Software\Classes\txtfile\shell\open\command : C:\Documents and Settings\l.EXE %1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ExplorerBen: C:\Documents and Settings\I.EXE
HKLM\System\CurrentControlSet\Services\T\Type: 10010000
HKLM\System\CurrentControlSet\Services\T\Start: 02000000
HKLM\System\CurrentControlSet\Services\T\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\T\DisplayName: T
HKLM\System\CurrentControlSet\Services\T\ImagePath: C:\System Volume Information\Z.EXE

Detected by UnHackMe:

EXPLOREB.EXE
Default location: %SysDir%\EXPLOREB.EXE

Dropper information:
SHA256: 677aab68afb9d4b785e8340679336dccdbba70c1b7022079688479b16a167bea
SHA1: 5c0e496f063ce332cc9ea016afd26b74fbed2b06
MD5: e182170f5caa7d8b2c44a1b467871089
File size: 49664 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images