IMAGE.LINE.SAWER.V1.0.3-UNION.EXE – Trojan Chifrax

Trojan No Comments

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.

IMAGE.LINE.SAWER.V1.0.3-UNION.EXE – Trojan Chifrax removal

FileMD5Virus Alias
IMAGE.LINE.SAWER.V1.0.3-UNION.EXE 92b613d01f0035f24ddf9aa5b33bdea7 Trojan Chifrax

IMAGE.LINE.SAWER.V1.0.3-UNION.EXE size: 5147962 bytes
IMAGE.LINE.SAWER.V1.0.3-UNION.EXE hash: 92B613D01F0035F24DDF9AA5B33BDEA7

Created files:

%Program Files%\Iewtq\Axie.exe
%Program Files%\Iewtq\Ctce\Otsi.dll
%Program Files%\Iewtq\Sfaa.exe
%TEMP%\g86E\Image.Line.Sawer.v1.0.3-UNION.exe

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\OALX\Start: 02000000
HKLM\System\CurrentControlSet\Services\OALX\Type: 10000000
HKLM\System\CurrentControlSet\Services\OALX\Description: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\DisplayName: Data Online Transaction Processing Module
HKLM\System\CurrentControlSet\Services\OALX\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\OALX\Group: TDI
HKLM\System\CurrentControlSet\Services\OALX\ObjectName: LocalSystem
HKLM\System\CurrentControlSet\Services\OALX\ImagePath: %Program Files%\Iewtq\Sfaa.exe

Detected by UnHackMe:

IMAGE.LINE.SAWER.V1.0.3-UNION.EXE
Default location: %TEMP%\G86E\IMAGE.LINE.SAWER.V1.0.3-UNION.EXE

Dropper information:
MD5: f08296a3afb94d1c65f0d7d1a1a65dcd
File size: 7092857 bytes

Leave a Reply

Privacy Policy      Terms and Conditions

Thank you for theme by IdeaBox       Credits: Thank you to www.icons8.com for Icons and Images