INETMLBCF.DLL – Trojan Agent


INETMLBCF.DLL – Trojan Agent removal

File           MD5                               Virus Alias
INETMLBCF.DLL  925a99878968132807b3027e89039b67  Trojan Agent
INETMLBCF.DLL  925a99878968132807b3027e89039b67  Trojan Generic
INETMLBCF.DLL  925a99878968132807b3027e89039b67  Trojan Eldorado
INETMLBCF.DLL  925a99878968132807b3027e89039b67  Trojan Downloader
INETMLBCF.DLL  925a99878968132807b3027e89039b67  Trojan Siggen

INETMLBCF.DLL size: 196608 bytes
INETMLBCF.DLL hash: 925A99878968132807B3027E89039B67

Created files:

%SysDir%\inetmlbcf.dll

Autostart registry keys:

HKLM\System\CurrentControlSet\Services\NPKEventLog\Type: 10000000
HKLM\System\CurrentControlSet\Services\NPKEventLog\Start: 02000000
HKLM\System\CurrentControlSet\Services\NPKEventLog\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\NPKEventLog\DisplayName: NPK Log COM+ Event
HKLM\System\CurrentControlSet\Services\NPKEventLog\ImagePath: %SystemRoot%\System32\svchost.exe -k netsvcs
HKLM\System\CurrentControlSet\Services\NPKEventLog\Parameters\ServiceDll: 43003A005C00570049004E0044004F00570053005C00730079007300740065006D00330032005C0069006E00650074006D006C006200630066002E0064006C006C000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\MaxHashTableSize: 00080000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\MaxUserPort: FEFF0000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions: 02000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpTimedWaitDelay: 1E000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TCPFinWait2Delay: 1E000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxPortsExhausted: 05000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxHalfOpen: 00050000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxHalfOpenRetried: 00040000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions: 0A000000
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime: E0930400
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveInterval: E8030000

Detected by UnHackMe:

INETMLBCF.DLL
Default location: %SYSDIR%\INETMLBCF.DLL

Dropper information:
MD5: 1b7ce8a456c22a32c27598fe4013136c
File size: 294912 bytes
