ISUNP.EXE – Trojan SuspiciousFile

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Free Download
Fully Functional 30-day Trial. No credit card is required.
Reviews
. EULA. Privacy Policy. Uninstall.

ISUNP.EXE – Trojan SuspiciousFile removal

FileMD5Virus Alias
ISUNP.EXE e49890d0e6a937aa660083d28e4e814c Trojan SuspiciousFile

ISUNP.EXE size: 637440 bytes
ISUNP.EXE hash: E49890D0E6A937AA660083D28E4E814C

Created files:

%TEMP%\ir_ext_temp_0\AutoPlay\autorun.cdd
%TEMP%\ir_ext_temp_0\AutoPlay\Buttons\11_1340.btn
%TEMP%\ir_ext_temp_0\AutoPlay\Buttons\4_1986.btn
%TEMP%\ir_ext_temp_0\AutoPlay\Buttons\button.btn
%TEMP%\ir_ext_temp_0\AutoPlay\Buttons\exit.btn
%TEMP%\ir_ext_temp_0\AutoPlay\Buttons\grey_pill.btn
%TEMP%\ir_ext_temp_0\AutoPlay\Buttons\min.btn
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\eXeScope v6.50\eXeScChn.GID
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\eXeScope v6.50\eXeScChn.hlp
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\eXeScope v6.50\eXeScope.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Compil32.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Default.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\64Bit.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\64BitThreeArch.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\64BitTwoArch.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\CodeAutomation.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\CodeClasses.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\CodeDlg.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\CodeDll.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\CodeExample1.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\Components.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\Example1.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\Example2.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\Example3.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\ISPPExample1.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\Languages.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\MyDll\C\MyDll.def
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\MyDll\C\MyDll.dsp
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\MyDll\Delphi\MyDll.dpr
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\MyDll.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\MyProg-IA64.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\MyProg-x64.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\MyProg.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\UninstallCodeDll.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Examples\UninstallCodeExample1.iss
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\isbunzip.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\isbzip.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\ISCC.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\ISCmplr.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\ISCrypt.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\islzma.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\isunzlib.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\iszlib.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Basque.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\BrazilianPortuguese.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Catalan.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\ChineseTrad.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Czech.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Danish.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Dutch.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\English.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Finnish.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\French.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\German.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Hungarian.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Italian.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Norwegian.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Polish.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Portuguese.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Russian.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Slovak.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Slovenian.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Languages\Spanish.isl
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\Setup.e32
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\SetupLdr.e32
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup 5?????\unins000.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup Unpacker\disasm\disasm.dpr
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup Unpacker\disasm\disasm.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup Unpacker\Inno Setup Unpacker.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup Unpacker\innounp.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup Unpacker\ISUnp.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Inno Setup Unpacker\msvbvm60.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\funcparams.vns
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\functions.vns
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\ExDll\C\hmne_sample.dev
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\ExDll\C\hmne_sample.dsp
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\ExDll\C\hmne_sample.dsw
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\ExDll\Delphi\hmne_sample.dof
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\ExDll\Delphi\hmne_sample.dpr
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\ExDll\Delphi\PluginsInt.pas
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\hmne_addfiles.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\hmne_iss2nsi.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Plugins\hmne_reg2nsi.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\Setup.nsi
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\NIS Edit ????_VNISEdit 2.0.3 build 060712\VNISEdit.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\Nspack3.7??????????.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\PEiD???????0.94?????\mfc70.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\PEiD???????0.94?????\msvcr70.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\PEiD???????0.94?????\PEiD.exe
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\PEiD???????0.94?????\plugins\AddSig.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\PEiD???????0.94?????\plugins\advanced_scan.dll
%TEMP%\ir_ext_temp_0\AutoPlay\Docs\PEiD???????0.94?????\plugins\CRC32.DLL

Detected by UnHackMe:

ISUNP.EXE
Default location: %TEMP%\IR_EXT_TEMP_0\AUTOPLAY\DOCS\INNO SETUP UNPACKER\ISUNP.EXE

Dropper information:
MD5: 613c3390212770ce621b9c675f842cf2
File size: 21673438 bytes

Leave a Reply